CVE-2020-3588 Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment...

CVE-2020-3588

CVE-2020-3588 affects Cisco Webex Meetings Desktop App for Windows in virtual desktop environments. The root cause is improper validation of messages processed by the virtualization channel interface, allowing a local attacker with limited privileges to execute arbitrary code with the user’s priv...

CVE-2020-3588 Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment...

CVE-2020-3573 Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored i...

CVE-2020-3573 Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored i...

CVE-2020-3573

Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by multiple ARF/WRF parsing vulnerabilities. The flaws stem from insufficient validation during ARF/WRF parsing and an uninitialized pointer, enabling arbitrary code execution when a user opens a mali...

Cisco Webex Teams Web Interface Cross-Site Scripting Vulnerability Vulnerability (cisco-sa-webex-teams-xss-zLW9tD3)

According to its self-reported version, Cisco Webex Teams is affected by a vulnerability. The vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains malicious HTML or script content and joining a space using the...

Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability (cisco-sa-webex-vdi-qQrpBwuJ)

According to its self-reported version, Cisco Webex Meetings Desktop App is prior to version 40.6.9, or is 40.8.x prior to 40.8.9 and thus, is affected by a remote code execution vulnerability. An unspecified flaw exists related to the virtualization channel interface that can allow a local...

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco has disclosed a zero-day vulnerability – for which there is not yet a patch – in the Windows, macOS and Linux versions of its AnyConnect Secure Mobility Client Software. While Cisco said it is not aware of any exploits in the wild for the vulnerability, it said Proof-of-Concept PoC exploit...

Multiple vulnerabilities in Cisco Webex products

Cisco has fixed vulnerabilities. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Cisco has made updates available to address the vulnerabilities. fixes. More information...

Cisco Webex Teams Cross-Site Scripting Vulnerability

Cisco Webex Teams is a comprehensive communications application designed to provide you with all the necessary tools and the right environment to enhance team collaboration. A cross-site scripting vulnerability exists in the web interface of Cisco Webex Teams. The vulnerability stems from imprope...

Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored i...

Cisco Webex Teams Web Interface Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains...

Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment...

PT-2020-4647 · Cisco · Cisco Webex Teams

Name of the Vulnerable Software and Affected Versions: Cisco Webex Teams affected versions not specified Description: A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The issue is due to improper...

The vulnerability of the template function for Cisco Webex Meetings software allows a hacker to delete any meeting template they desire.

The vulnerability of the template function for Cisco Webex Meetings software-related web conferencing solutions is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to delete any meeting template at will...

The vulnerability in the web interface for managing software for Cisco Webex Meetings allows attackers to perform cross-site scripting attacks.

The vulnerability in the web interface for managing Cisco Webex Meetings software involves a lack of measures to protect input data. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

The vulnerability of the “contacts” component in Cisco Webex Meetings software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the “contacts” component in Cisco Webex Meetings software is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the template function for software-based Cisco WebEx Meetings allows a hacker to gain rights to create meeting templates.

The vulnerability of the template creation function for Cisco Webex Meetings software-related web conferencing solutions is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain permission to create meeting templates...

The vulnerability of the user interface of Cisco Webex Meetings Server and Cisco Webex Meetings software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software user interfaces for Cisco Webex Meetings Server and Cisco Webex Meetings is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...