2970 matches found
CVE-2021-1410
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
CVE-2021-1410
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
CVE-2020-26067 Cisco Webex Teams Web Interface Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains...
CVE-2020-26067 Cisco Webex Teams Web Interface Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains...
CVE-2021-1410 Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
CVE-2021-1410 Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
CVE-2023-20094
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendi...
CVE-2022-20654
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based...
CVE-2022-20654
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based...
CVE-2022-20654 Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based...
CVE-2022-20654 Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based...
CVE-2023-20094 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendi...
CVE-2023-20094 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendi...
WebEx Remote Command Execution Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Remote Command Execution Utility', 'Description' = %q This module enables the execution of a single command as System by exploiting a remot...
PT-2024-11941 · Cisco · Cisco Webex
Name of the Vulnerable Software and Affected Versions: Cisco WebEx affected versions not specified Description: A buffer overflow issue has been identified. No further details are available due to the rejection of the candidate number. Recommendations: At the moment, there is no information about...
PT-2024-11675 · Cisco · Cisco Webex
Name of the Vulnerable Software and Affected Versions: Cisco WebEx affected versions not specified Description: A critical authentication bypass issue has been identified. No further details are available due to the rejection of the candidate number. Recommendations: At the moment, there is no...
The vulnerability of the File Protocol Handler component in Cisco Webex Teams software allows attackers to disclose protected information.
The vulnerability of the File Protocol Handler component in Cisco Webex Meetings and Teams software lies in the lack of protection for sensitive data. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted link...
The vulnerability of the multimedia extraction function in Cisco WebEx Teams software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the multimedia extraction function in Cisco WebEx Teams software relates to the insecure transmission of requests to internal services. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using ...
Cisco Releases Security Updates for Multiple Products
Cisco released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: Cisco Secu...
CVE-2024-20396
A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...