7 matches found
CVE-2018-0264
Summary: CVE-2018-0264 affects Cisco WebEx ARF playback components across WebEx Business Suite, Meetings sites, Meetings Server, and ARF Player. An unauthenticated, remote attacker can trigger arbitrary code execution by sending a user a link or email attachment containing a malicious ARF file an...
CVE-2018-0112
CVE-2018-0112 affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. The root cause is insufficient input validation by the WebEx clients, enabling an authenticated remote attacker to execute arbitrary code on a targeted system by delivering a malicious...
CVE-2018-15436
The CVE-2018-15436 issue affects Cisco Webex Centers’ web-based management interfaces (Events Center, Meeting Center, Support Center, Training Center). A cross-site scripting (XSS) vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attack...
CVE-2018-15410
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is faulty, allowing an attacker who persuades a user to open a malicious file to execute arbitrary code with the user’s privileges. Root cause cited across sources...
CVE-2018-0422
Summary: CVE-2018-0422 affects Cisco Webex Meetings Client for Windows. The vulnerability stems from folder permissions that allow a user to read, write, and execute files in the Webex user directories, enabling an authenticated, local attacker to modify locally stored files and execute code with...
CVE-2018-15418
CVE-2018-15418 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. Impact is arbitrary code execution wi...
CVE-2018-15409
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability in ARF/WRF file processing that could allow remote code execution. The root cause is improper validation of ARF/WRF data, enabling an attacker to craft a malicious file or link sent...