Lucene search
+L
CiscoWebex Meetings Online*

41 matches found

cve
cve
added 2020/01/26 4:55 a.m.173 views

CVE-2020-3142

CVE-2020-3142 affects Cisco Webex Meetings Suite sites and Webex Meetings Online sites via an unauthenticated join flow in mobile Webex apps. An attacker could join a password-protected meeting by using a known meeting ID/URL from a mobile browser, without providing the meeting password; the atte...

7.5CVSS7.2AI score0.0149EPSS
cve
cve
added 2019/08/07 9:10 p.m.96 views

CVE-2019-1924

Cisco CVE-2019-1924 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue stems from improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. The exploit...

9.3CVSS7.9AI score0.01465EPSS
cve
cve
added 2019/08/07 9:20 p.m.95 views

CVE-2019-1928

The CVE-2019-1928 entries describe multiple ARF/WRF parsing vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, which can be exploited by sending a malicious file via a link or email attach...

9.3CVSS7.9AI score0.01452EPSS
cve
cve
added 2019/11/26 3:12 a.m.92 views

CVE-2019-15284

Consolidated details confirm CVE-2019-15284 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is insufficient validation of certain elements within ARF/WRF Webex recordings, enabling an attacker to execute arbitrary code on a targeted syst...

9.3CVSS7.8AI score0.01404EPSS
cve
cve
added 2019/08/07 9:15 p.m.89 views

CVE-2019-1927

CVE-2019-1927 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a malicious ARF/WRF file received via link or email attachment. Impact: code runs with the user’s pr...

9.3CVSS8AI score0.01465EPSS
cve
cve
added 2019/08/07 9:20 p.m.88 views

CVE-2019-1929

The CVE-2019-1929 family covers multiple vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code on the target system. Exploitation requires a user to open a ...

9.3CVSS7.9AI score0.01452EPSS
cve
cve
added 2020/03/04 6:40 p.m.87 views

CVE-2020-3127

Cisco WebEx Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3127 and related CVEs due to improper validation in ARF/WRF file parsing. The root cause is an uninitialized pointer access during ARF/WRF processing, enabling remote code execution. An attacker can e...

9.3CVSS7.8AI score0.02256EPSS
cve
cve
added 2020/09/23 12:35 a.m.86 views

CVE-2019-15285

Cisco CVE-2019-15285 covers multiple arbitrary-code-execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. Root cause: insufficient validation of elements in Webex recordings stored as ARF/WRF, exploitable when a user opens a crafted ARF/WRF file del...

9.3CVSS7.8AI score0.01715EPSS
cve
cve
added 2019/11/26 3:11 a.m.84 views

CVE-2019-15286

CVE-2019-15286 covers multiple arbitrary code execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows caused by insufficient validation of Webex ARF/WRF recordings. An attacker could craft a malicious ARF/WRF file and persuade a user to open it, execut...

9.3CVSS7.8AI score0.01404EPSS
cve
cve
added 2020/03/04 6:40 p.m.83 views

CVE-2020-3128

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3128 due to insufficient validation of elements in ARF/WRF Webex recordings. An attacker could deliver a crafted ARF/WRF file via link or email and persuade a user to open it, risking arbitrary code e...

9.3CVSS7.8AI score0.01893EPSS
cve
cve
added 2019/08/07 9:15 p.m.81 views

CVE-2019-1926

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2019-1926 due to improper validation of ARF/WRF files, enabling arbitrary code execution. The exploit involves sending a malicious ARF/WRF file via a link or email attachment and convincing the user to ope...

9.3CVSS7.9AI score0.01508EPSS
cve
cve
added 2019/08/07 9:10 p.m.76 views

CVE-2019-1925

Cisco Webex Network Recording Player and Webex Player for Windows are affected by multiple issues caused by improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted ARF/WRF file delivered via link or email attachment. The vulnerabilities stem from memory...

9.3CVSS7.9AI score0.01452EPSS
cve
cve
added 2019/05/15 7:25 p.m.74 views

CVE-2019-1773

The CVE-2019-1773 issue affects the Cisco Webex Network Recording Player and the Cisco Webex Player for Windows. The vulnerability arises from improper validation of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files, allowing an attacker to execute arbitrary code when a user ...

9.3CVSS7.6AI score0.01713EPSS
cve
cve
added 2020/09/23 12:35 a.m.71 views

CVE-2019-15283

CVE-2019-15283 involves multiple arbitrary code execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The flaws arise from insufficient validation of elements within Webex recordings stored in ARF or WRF formats. An attacker could deliver a maliciou...

9.3CVSS7.8AI score0.01715EPSS
cve
cve
added 2020/04/15 8:10 p.m.71 views

CVE-2020-3194

The CVE-2020-3194 issue affects Cisco Webex Network Recording Player and Cisco Webex Player on Windows. It arises from insufficient validation of elements within a Webex recording stored as ARF/WRF, allowing an unauthenticated attacker to craft a malicious file and coerce a user to open it, there...

9.3CVSS7.7AI score0.01907EPSS
cve
cve
added 2020/09/23 12:35 a.m.70 views

CVE-2019-15287

CVE-2019-15287 covers multiple arbitrary-code-execution vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The flaws arise from insufficient validation of elements within Webex recordings stored in ARF or WRF formats. An attacker could entice a...

9.3CVSS7.8AI score0.01715EPSS
cve
cve
added 2020/08/17 6:1 p.m.65 views

CVE-2020-3412

The CVE-2020-3412 issue affects Cisco Webex Meetings: an authenticated, remote attacker could create a scheduled meeting template that belongs to another user due to insufficient authorization enforcement in the scheduled meeting template feature. Exploitation involves sending a crafted request t...

4.3CVSS4.5AI score0.00721EPSS
cve
cve
added 2019/05/15 7:20 p.m.64 views

CVE-2019-1771

CVE-2019-1771 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachment. ...

7.8CVSS7.6AI score0.00508EPSS
cve
cve
added 2018/07/18 11:0 p.m.59 views

CVE-2018-0379

Cisco WebEx Network Recording Player/Recorder and WebEx Recording Format (WRF) parsing vulnerabilities exist in ARF/WRF handling. Multiple issues (e.g., ARF/WRF parsing) can cause heap-based or integer overflow, leading to remote code execution when a user opens a malicious ARF/WRF file or views ...

7.8CVSS7.8AI score0.01813EPSS
cve
cve
added 2020/08/17 6:0 p.m.59 views

CVE-2020-3463

Summary of CVE-2020-3463 (Cisco Webex Meetings) : A vulnerability in the web-based management interface allows an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack due to insufficient validation of user-supplied input. An attacker can lure a user to click a malicious...

6.1CVSS5.9AI score0.0083EPSS
cve
cve
added 2018/10/05 2:0 p.m.58 views

CVE-2018-15410

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is faulty, allowing an attacker who persuades a user to open a malicious file to execute arbitrary code with the user’s privileges. Root cause cited across sources...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.58 views

CVE-2018-15421

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2018-15421 due to improper validation of ARF/WRF files. An attacker can deliver a malicious ARF/WRF file via a link or email attachment and persuade a user to open it, potentially allowing arbitrary code e...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.58 views

CVE-2018-15431

Cisco Webex Network Recording Player and Webex Player for Windows are affected by CVE-2018-15431. The vulnerability arises from improper validation of ARF/WRF files, allowing an attacker to execute arbitrary code on an affected system when a user opens a malicious ARF/WRF file delivered via a lin...

7.3CVSS7.3AI score0.0049EPSS
cve
cve
added 2018/10/05 2:0 p.m.57 views

CVE-2018-15415

CVE-2018-15415 affects the Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The issue stems from improper validation in ARF/WRF file parsing, allowing an attacker to execute arbitrary code on a vulnerable system. ZDI describes a remote code execution via a crafted ARF file...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2018/10/05 2:0 p.m.57 views

CVE-2018-15422

Cisco Webex Network Recording Player (Windows) and Cisco Webex Player for Windows are affected by ARF/WRF file validation flaws that allow remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of WebEx recording f...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.56 views

CVE-2018-0422

Summary: CVE-2018-0422 affects Cisco Webex Meetings Client for Windows. The vulnerability stems from folder permissions that allow a user to read, write, and execute files in the Webex user directories, enabling an authenticated, local attacker to modify locally stored files and execute code with...

7.3CVSS7.6AI score0.0107EPSS
cve
cve
added 2020/08/17 6:1 p.m.56 views

CVE-2020-3413

The CVE-2020-3413 issue affects Cisco Webex Meetings, specifically the scheduled meeting template deletion feature. The root cause is insufficient authorization enforcement for requests to delete scheduled meeting templates, allowing an authenticated, remote attacker to delete a template belongin...

4.3CVSS4.5AI score0.00721EPSS
cve
cve
added 2019/05/15 7:25 p.m.55 views

CVE-2019-1772

CVE-2019-1772 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling a crafted file to cause arbitrary code execution on the affected system when a user opens it. Exploit path: attacker emails or link...

9.3CVSS7.6AI score0.01713EPSS
cve
cve
added 2018/10/05 2:0 p.m.54 views

CVE-2018-15408

CVE-2018-15408 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted file received via link or email attachment. ZDI details indicate remote code execution wi...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2020/08/17 6:0 p.m.54 views

CVE-2020-3472

CVE-2020-3472 affects Cisco Webex Meetings via the Contacts feature. An authenticated, legitimate user can exploit improper access controls on users added to a contact list to view other users’ details (names, email addresses) by sending specially crafted requests. Impact and affected behavior ar...

5CVSS5AI score0.01133EPSS
cve
cve
added 2018/10/05 2:0 p.m.53 views

CVE-2018-15414

Cisco Webex Network Recording Player (Windows) and Cisco Webex Player are affected by ARF/WRF file validation flaws that can lead to remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of ARF/WRF files. Impact: ...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2019/02/07 9:0 p.m.53 views

CVE-2019-1680

The CVE-2019-1680 issue affects Cisco Webex Business Suite pre-3.0.9 where improper input validation allows an unauthenticated, remote attacker to inject arbitrary text into a user’s browser via a malicious URL, enabling content injection and potential spoofing. Connected sources corroborate the ...

4.3CVSS4.8AI score0.01412EPSS
cve
cve
added 2018/10/05 2:0 p.m.52 views

CVE-2018-15411

The CVE-2018-15411 issue affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, allowing arbitrary code execution when a user opens a malicious ARF/WRF file (via link or email attachment). Exploitation r...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.52 views

CVE-2018-15413

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are vulnerable to remote code execution due to improper validation of ARF/WRF files. An attacker can craft a malicious ARF/WRF file and entice a user to open it, potentially executing arbitrary code in the user’s process afte...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2018/10/05 2:0 p.m.51 views

CVE-2018-15412

CVE-2018-15412 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code by delivering a malicious ARF/WRF file via link or email and convincing a user to ...

9.3CVSS7.9AI score0.02125EPSS
cve
cve
added 2018/10/05 2:0 p.m.51 views

CVE-2018-15418

CVE-2018-15418 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. Impact is arbitrary code execution wi...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.50 views

CVE-2018-15416

CVE-2018-15416 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling a crafted file to trigger arbitrary code execution when a user opens it with the affected software. Attacks require user interaction (ph...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2018/10/05 2:0 p.m.48 views

CVE-2018-15417

Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is improper, enabling arbitrary code execution when a user opens a malicious ARF/WRF file sent via link or attachment. The flaw allows remote code exec...

9.3CVSS7.7AI score0.02125EPSS
cve
cve
added 2018/10/05 2:0 p.m.48 views

CVE-2018-15419

The CVE-2018-15419 issue affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF and WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via a link or email attachment. Impact is arbit...

9.3CVSS7.7AI score0.02015EPSS
cve
cve
added 2018/10/05 2:0 p.m.47 views

CVE-2018-15409

Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability in ARF/WRF file processing that could allow remote code execution. The root cause is improper validation of ARF/WRF data, enabling an attacker to craft a malicious file or link sent...

7.8CVSS7.7AI score0.0186EPSS
cve
cve
added 2018/10/05 2:0 p.m.46 views

CVE-2018-15420

Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by CVE-2018-15420. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachm...

9.3CVSS7.7AI score0.02125EPSS