2970 matches found
CVE-2024-20396
A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...
CVE-2024-20395
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such ...
CVE-2024-20395
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such ...
CVE-2024-20396
A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...
CVE-2024-20396
A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerabili...
CVE-2024-20396
CVE-2024-20396 affects Cisco Webex App: vulnerability in protocol/file handlers allows unauthenticated, remote access to sensitive information via specially crafted links. Impact targets credentials transmitted in requests; CVSS info shows network vector with user interaction required. Cisco advi...
CVE-2024-20395
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such ...
CVE-2024-20395
Cisco Webex App contains a vulnerability in the media retrieval functionality that could allow an unauthenticated, adjacent attacker to access sensitive session information by intercepting insecurely transmitted requests for embedded media. The root cause is insecure transmission of requests to b...
CVE-2024-20395
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such ...
Cisco Webex App Vulnerabilities
Multiple vulnerabilities in Cisco Webex App could allow an unauthenticated attacker to gain access to sensitive credential information. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has released software updates that address these...
PT-2024-5197 · Cisco · Cisco Webex App
Name of the Vulnerable Software and Affected Versions: Cisco Webex App affected versions not specified Description: A vulnerability in the media retrieval functionality could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This issue is due to insecure...
PT-2024-5196 · Cisco · Cisco Webex App
Name of the Vulnerable Software and Affected Versions: Cisco Webex App affected versions not specified Description: A vulnerability in the protocol handlers of the application could allow an unauthenticated, remote attacker to gain access to sensitive information. This issue exists because the...
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion By Ale Houspanossian · June 17, 2024 Case Summary It was a quiet Monday morning in March 2024 when the EDR researchers with our Trellix Advanced Research Center identifi...
Cisco Webex Meetings Meeting Information and Metadata Issue June 2024
In early May 2024, Cisco identified bugs in Cisco Webex Meetings that we now believe were leveraged in targeted security research activity allowing unauthorized access to meeting information and metadata in Cisco Webex deployments for certain customers. These bugs have been addressed and a fix ha...
Russian Operatives Expose German Military Webex Conversations
By Deeba Ahmed Leaked Military Audio Raises Stakes in Russia-Ukraine Conflict. This is a post from HackRead.com Read the original post: Russian Operatives Expose German Military Webex Conversations...
SUSE-SU-2024:0512-1 Security update for golang-github-prometheus-alertmanager
This update for golang-github-prometheus-alertmanager fixes the following issues: golang-github-prometheus-alertmanager was updated from version 0.23.0 to 0.26.0 jscPED-7353: - Version 0.26.0: Security fixes: + CVE-2023-40577: Fix stored XSS via the /api/v1/alerts endpoint in the Alertmanager UI...
VulnCheck KEV: CVE-2020-7796
Synacor Zimbra Collaboration Suite ZCS contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP is enabled...
Default printer becomes "Webex Document Loader"
Even set the Citrix policy "Do not adjust the user’s default printer", the default printer becomes "Webex Document Loader" after logging in...
PSA: Ongoing Webex malvertising campaign drops BatLoader
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search. We are releasing this blog to warn users about this...
The vulnerability in the software web interface for Cisco Webex Meetings allows a attacker to execute a CSRF attack.
The vulnerability of Cisco Webex Meetings software’s web interface is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created malicious link...