Lucene search
K
CiscoWebex Meetings Online

59 matches found

CVE
CVE
added 2020/01/26 4:55 a.m.170 views

CVE-2020-3142

CVE-2020-3142 affects Cisco Webex Meetings Suite sites and Webex Meetings Online sites via an unauthenticated join flow in mobile Webex apps. An attacker could join a password-protected meeting by using a known meeting ID/URL from a mobile browser, without providing the meeting password; the atte...

7.5CVSS7.2AI score0.0149EPSS
CVE
CVE
added 2022/04/06 6:13 p.m.131 views

CVE-2022-20763

CVE-2022-20763 – Cisco Webex Meetings Java deserialization vulnerability . The issue affects the login authorization component of Cisco Webex Meetings, caused by improper deserialization of Java code in login requests. An authenticated, remote attacker could exploit this to inject arbitrary Java ...

8.8CVSS6.5AI score0.00864EPSS
CVE
CVE
added 2019/11/26 3:42 a.m.99 views

CVE-2019-15987

CVE-2019-15987 affects Cisco Webex Centers suite (Webex Event Center, Meeting Center, Support Center, Training Center). Root cause: missing CAPTCHA on select URLs allows unauthenticated, remote attacker to enumerate usernames and potentially obtain real names. Impact is information disclosure (no...

5.3CVSS5.2AI score0.01581EPSS
CVE
CVE
added 2020/09/23 12:25 a.m.99 views

CVE-2020-3116

Cisco Webex Centers vulnerability CVE-2020-3116: A flaw in how Webex/Cisco Webex Center applications process Universal Communications Format (UCF) files can allow a DoS when a user opens a malicious UCF file received via link or email. Root cause: insufficient validation of UCF media files. Impac...

5.5CVSS5.3AI score0.00664EPSS
CVE
CVE
added 2019/02/28 6:0 p.m.96 views

CVE-2019-1674

CVE-2019-1674 is a local OS command injection in Cisco Webex Updates: the update service accepts crafted parameters, allowing an attacker with local access to execute commands with SYSTEM privileges. Affected: Cisco Webex Meetings Desktop App for Windows and Cisco Webex Productivity Tools. Root c...

9CVSS8.3AI score0.10759EPSS
CVE
CVE
added 2019/08/07 9:10 p.m.95 views

CVE-2019-1924

Cisco CVE-2019-1924 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue stems from improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. The exploit...

9.3CVSS7.9AI score0.01465EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.95 views

CVE-2021-1536

CVE-2021-1536 affects Cisco Webex products on Windows (Webex Meetings Desktop App, Webex Meetings Server, Webex Network Recording Player, and Webex Teams). The issue is a directory-path handling flaw that lets an authenticated, local attacker place a configuration file to cause loading of a malic...

7.8CVSS6.8AI score0.00326EPSS
CVE
CVE
added 2019/11/26 3:12 a.m.91 views

CVE-2019-15284

Consolidated details confirm CVE-2019-15284 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is insufficient validation of certain elements within ARF/WRF Webex recordings, enabling an attacker to execute arbitrary code on a targeted syst...

9.3CVSS7.8AI score0.01404EPSS
CVE
CVE
added 2019/08/07 9:20 p.m.91 views

CVE-2019-1928

The CVE-2019-1928 entries describe multiple ARF/WRF parsing vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, which can be exploited by sending a malicious file via a link or email attach...

9.3CVSS7.9AI score0.01452EPSS
CVE
CVE
added 2019/08/07 9:15 p.m.87 views

CVE-2019-1927

CVE-2019-1927 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a malicious ARF/WRF file received via link or email attachment. Impact: code runs with the user’s pr...

9.3CVSS8AI score0.01465EPSS
CVE
CVE
added 2019/08/07 9:20 p.m.87 views

CVE-2019-1929

The CVE-2019-1929 family covers multiple vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code on the target system. Exploitation requires a user to open a ...

9.3CVSS7.9AI score0.01452EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.86 views

CVE-2020-3127

Cisco WebEx Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3127 and related CVEs due to improper validation in ARF/WRF file parsing. The root cause is an uninitialized pointer access during ARF/WRF processing, enabling remote code execution. An attacker can e...

9.3CVSS7.8AI score0.02256EPSS
CVE
CVE
added 2020/09/23 12:35 a.m.85 views

CVE-2019-15285

Cisco CVE-2019-15285 covers multiple arbitrary-code-execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. Root cause: insufficient validation of elements in Webex recordings stored as ARF/WRF, exploitable when a user opens a crafted ARF/WRF file del...

9.3CVSS7.8AI score0.01715EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.82 views

CVE-2020-3128

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3128 due to insufficient validation of elements in ARF/WRF Webex recordings. An attacker could deliver a crafted ARF/WRF file via link or email and persuade a user to open it, risking arbitrary code e...

9.3CVSS7.8AI score0.01893EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.82 views

CVE-2021-1502

CVE-2021-1502 affects Cisco Webex Network Recording Player and Webex Player for Windows and macOS. Root cause: memory corruption due to insufficient validation of ARF/WRF recording files. Attackers can deliver a crafted ARF/WRF via a link or email attachment and persuade a user to open it, enabli...

7.8CVSS7.8AI score0.01081EPSS
CVE
CVE
added 2019/11/26 3:11 a.m.81 views

CVE-2019-15286

CVE-2019-15286 covers multiple arbitrary code execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows caused by insufficient validation of Webex ARF/WRF recordings. An attacker could craft a malicious ARF/WRF file and persuade a user to open it, execut...

9.3CVSS7.8AI score0.01404EPSS
CVE
CVE
added 2019/08/07 9:15 p.m.80 views

CVE-2019-1926

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2019-1926 due to improper validation of ARF/WRF files, enabling arbitrary code execution. The exploit involves sending a malicious ARF/WRF file via a link or email attachment and convincing the user to ope...

9.3CVSS7.9AI score0.01508EPSS
CVE
CVE
added 2019/08/07 9:10 p.m.74 views

CVE-2019-1925

Cisco Webex Network Recording Player and Webex Player for Windows are affected by multiple issues caused by improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted ARF/WRF file delivered via link or email attachment. The vulnerabilities stem from memory...

9.3CVSS7.9AI score0.01452EPSS
CVE
CVE
added 2019/05/15 7:25 p.m.73 views

CVE-2019-1773

The CVE-2019-1773 issue affects the Cisco Webex Network Recording Player and the Cisco Webex Player for Windows. The vulnerability arises from improper validation of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files, allowing an attacker to execute arbitrary code when a user ...

9.3CVSS7.6AI score0.01713EPSS
CVE
CVE
added 2020/04/15 8:10 p.m.71 views

CVE-2020-3194

The CVE-2020-3194 issue affects Cisco Webex Network Recording Player and Cisco Webex Player on Windows. It arises from insufficient validation of elements within a Webex recording stored as ARF/WRF, allowing an unauthenticated attacker to craft a malicious file and coerce a user to open it, there...

9.3CVSS7.7AI score0.01907EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.71 views

CVE-2021-1517

CVE-2021-1517 concerns a vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Webex Meetings Server . The issue arises from unsafe handling of shared content within the multimedia viewer, enabling an authenticated, remote attacker to bypass security protections by sharing a ...

5CVSS4.7AI score0.00825EPSS
CVE
CVE
added 2020/09/23 12:35 a.m.70 views

CVE-2019-15283

CVE-2019-15283 involves multiple arbitrary code execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The flaws arise from insufficient validation of elements within Webex recordings stored in ARF or WRF formats. An attacker could deliver a maliciou...

9.3CVSS7.8AI score0.01715EPSS
CVE
CVE
added 2020/09/23 12:35 a.m.69 views

CVE-2019-15287

CVE-2019-15287 covers multiple arbitrary-code-execution vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The flaws arise from insufficient validation of elements within Webex recordings stored in ARF or WRF formats. An attacker could entice a...

9.3CVSS7.8AI score0.01715EPSS
CVE
CVE
added 2020/08/17 6:1 p.m.64 views

CVE-2020-3412

The CVE-2020-3412 issue affects Cisco Webex Meetings: an authenticated, remote attacker could create a scheduled meeting template that belongs to another user due to insufficient authorization enforcement in the scheduled meeting template feature. Exploitation involves sending a crafted request t...

4.3CVSS4.5AI score0.00721EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.64 views

CVE-2021-1525

Cisco Webex Meetings and Webex Meetings Server are affected by CVE-2021-1525, an input-validation flaw in URL paths that allows an unauthenticated, remote attacker to redirect users to a remote (malicious) file. Exploitation requires convincing a user to follow a crafted URL, enabling the attacke...

6.1CVSS5.1AI score0.00783EPSS
CVE
CVE
added 2019/05/15 7:20 p.m.61 views

CVE-2019-1771

CVE-2019-1771 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachment. ...

7.8CVSS7.6AI score0.00508EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.60 views

CVE-2018-0380

CVE-2018-0380 affects Cisco Webex Network Recording Player components for ARF and WRF files. The vulnerabilities allow an attacker to cause a crash/DoS by delivering a malicious .arf or .wrf file and convincing the user to open it, with exploitation described as a resource-management/DoS conditio...

5.5CVSS5.8AI score0.01301EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.60 views

CVE-2018-15436

The CVE-2018-15436 issue affects Cisco Webex Centers’ web-based management interfaces (Events Center, Meeting Center, Support Center, Training Center). A cross-site scripting (XSS) vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attack...

6.1CVSS6AI score0.01373EPSS
CVE
CVE
added 2019/01/23 11:0 p.m.59 views

CVE-2019-1637

The CVE-2019-1637 issue affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows, caused by improper validation of ARF/WRF files. A malicious ARF/WRF file delivered via link or email and opened by the user could allow arbitrary code execution on the affected sys...

9.3CVSS7.7AI score0.0148EPSS
CVE
CVE
added 2018/05/02 10:0 p.m.58 views

CVE-2018-0287

CVE-2018-0287 affects Cisco WebEx Network Recording Player for ARF files. A design flaw could allow an unauthenticated, remote attacker to execute arbitrary code by convincing a user to open a malicious ARF file or follow a link (via email attachment or embedded link). Affected products include C...

8.8CVSS8.8AI score0.03836EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.58 views

CVE-2018-0379

Cisco WebEx Network Recording Player/Recorder and WebEx Recording Format (WRF) parsing vulnerabilities exist in ARF/WRF handling. Multiple issues (e.g., ARF/WRF parsing) can cause heap-based or integer overflow, leading to remote code execution when a user opens a malicious ARF/WRF file or views ...

7.8CVSS7.8AI score0.01813EPSS
CVE
CVE
added 2020/08/17 6:0 p.m.58 views

CVE-2020-3463

Summary of CVE-2020-3463 (Cisco Webex Meetings) : A vulnerability in the web-based management interface allows an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack due to insufficient validation of user-supplied input. An attacker can lure a user to click a malicious...

6.1CVSS5.9AI score0.0083EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.57 views

CVE-2018-15410

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is faulty, allowing an attacker who persuades a user to open a malicious file to execute arbitrary code with the user’s privileges. Root cause cited across sources...

9.3CVSS7.7AI score0.02015EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.57 views

CVE-2018-15421

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2018-15421 due to improper validation of ARF/WRF files. An attacker can deliver a malicious ARF/WRF file via a link or email attachment and persuade a user to open it, potentially allowing arbitrary code e...

9.3CVSS7.7AI score0.02015EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.57 views

CVE-2018-15431

Cisco Webex Network Recording Player and Webex Player for Windows are affected by CVE-2018-15431. The vulnerability arises from improper validation of ARF/WRF files, allowing an attacker to execute arbitrary code on an affected system when a user opens a malicious ARF/WRF file delivered via a lin...

7.3CVSS7.3AI score0.0049EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.56 views

CVE-2018-0457

Cisco Webex Player (WRF) vulnerability CVE-2018-0457 involves a resource management error in handling Webex Recording Format files. An unauthenticated, remote attacker can cause a DoS by sending a malicious WRF file via a link or email attachment and convincing a user to open it, crashing the pla...

5.5CVSS5.7AI score0.01716EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.56 views

CVE-2018-15415

CVE-2018-15415 affects the Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The issue stems from improper validation in ARF/WRF file parsing, allowing an attacker to execute arbitrary code on a vulnerable system. ZDI describes a remote code execution via a crafted ARF file...

9.3CVSS7.7AI score0.02125EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.56 views

CVE-2018-15422

Cisco Webex Network Recording Player (Windows) and Cisco Webex Player for Windows are affected by ARF/WRF file validation flaws that allow remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of WebEx recording f...

9.3CVSS7.7AI score0.02015EPSS
CVE
CVE
added 2019/05/15 7:25 p.m.55 views

CVE-2019-1772

CVE-2019-1772 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling a crafted file to cause arbitrary code execution on the affected system when a user opens it. Exploit path: attacker emails or link...

9.3CVSS7.6AI score0.01713EPSS
CVE
CVE
added 2020/08/17 6:1 p.m.55 views

CVE-2020-3413

The CVE-2020-3413 issue affects Cisco Webex Meetings, specifically the scheduled meeting template deletion feature. The root cause is insufficient authorization enforcement for requests to delete scheduled meeting templates, allowing an authenticated, remote attacker to delete a template belongin...

4.3CVSS4.5AI score0.00721EPSS
CVE
CVE
added 2018/05/02 10:0 p.m.54 views

CVE-2018-0288

The CVE-2018-0288 issue concerns Cisco WebEx Recording Format (WRF) Player: a design flaw in processing WRF files can allow remote attackers to read memory outside the mapped file boundaries, enabling information disclosure. Affected products include Cisco WebEx Business Suite meeting sites, WebE...

5.3CVSS5.4AI score0.0264EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.54 views

CVE-2018-0422

Summary: CVE-2018-0422 affects Cisco Webex Meetings Client for Windows. The vulnerability stems from folder permissions that allow a user to read, write, and execute files in the Webex user directories, enabling an authenticated, local attacker to modify locally stored files and execute code with...

7.3CVSS7.6AI score0.0107EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.53 views

CVE-2018-15408

CVE-2018-15408 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted file received via link or email attachment. ZDI details indicate remote code execution wi...

9.3CVSS7.7AI score0.02125EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.53 views

CVE-2018-15414

Cisco Webex Network Recording Player (Windows) and Cisco Webex Player are affected by ARF/WRF file validation flaws that can lead to remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of ARF/WRF files. Impact: ...

9.3CVSS7.7AI score0.02125EPSS
CVE
CVE
added 2019/01/23 11:0 p.m.53 views

CVE-2019-1638

CVE-2019-1638 refers to multiple Cisco Webex-related RCE issues in the Windows players. The root cause is improper validation of ARF/WRF files in the Cisco Webex Network Recording Player and Webex Player for Windows, allowing arbitrary code execution when a user opens a crafted ARF/WRF file or vi...

9.3CVSS7.7AI score0.0148EPSS
CVE
CVE
added 2019/01/23 11:0 p.m.53 views

CVE-2019-1640

Summary: CVE-2019-1640 affects Cisco Webex Network Recording Player and Webex Player for Windows. The issue is a buffer overflow caused by improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code on a vulnerable system. Exploitation involves sending a user a malicious ...

9.3CVSS7.7AI score0.0148EPSS
CVE
CVE
added 2020/08/17 6:0 p.m.52 views

CVE-2020-3472

CVE-2020-3472 affects Cisco Webex Meetings via the Contacts feature. An authenticated, legitimate user can exploit improper access controls on users added to a contact list to view other users’ details (names, email addresses) by sending specially crafted requests. Impact and affected behavior ar...

5CVSS5AI score0.01133EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.51 views

CVE-2018-15411

The CVE-2018-15411 issue affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, allowing arbitrary code execution when a user opens a malicious ARF/WRF file (via link or email attachment). Exploitation r...

9.3CVSS7.7AI score0.02015EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.51 views

CVE-2018-15413

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are vulnerable to remote code execution due to improper validation of ARF/WRF files. An attacker can craft a malicious ARF/WRF file and entice a user to open it, potentially executing arbitrary code in the user’s process afte...

9.3CVSS7.7AI score0.02125EPSS
CVE
CVE
added 2019/01/23 11:0 p.m.51 views

CVE-2019-1641

Cisco Webex Network Recording Player and Webex Player for Windows are affected by CVE-2019-1641. The issue stems from improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. Exploitation is describe...

9.3CVSS7.7AI score0.01431EPSS
Total number of security vulnerabilities59