Lucene search
+L
CiscoWebex Meetings Server*

19 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6923 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2021/02/17 4:55 p.m.1881 views

CVE-2021-1372

Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows are affected by a local information-disclosure vulnerability due to unsafe shared-memory usage. An authenticated, local attacker with access to system memory can exploit this by running a local app that reads shared memory,...

5.5CVSS5.3AI score0.0041EPSS
CVE
CVE
added 2020/06/18 2:17 a.m.1306 views

CVE-2020-3361

CVE-2020-3361 affects Cisco Webex Meetings and Webex Meetings Server. Description: an unauthenticated, remote attacker can bypass proper handling of authentication tokens to gain the privileges of another Webex user. The issue arises from improper handling of authentication tokens by vulnerable W...

9.8CVSS9.2AI score0.02364EPSS
CVE
CVE
added 2020/11/18 5:41 p.m.907 views

CVE-2020-3441

Cisco Webex Meetings and Cisco Webex Meetings Server are affected by CVE-2020-3441, a information-disclosure vulnerability caused by insufficient protection of sensitive participant information. An unauthenticated, remote attacker could browse the Webex roster and obtain details such as email and...

5.3CVSS5.1AI score0.01546EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.87 views

CVE-2020-3127

Cisco WebEx Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3127 and related CVEs due to improper validation in ARF/WRF file parsing. The root cause is an uninitialized pointer access during ARF/WRF processing, enabling remote code execution. An attacker can e...

9.3CVSS7.8AI score0.02256EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.84 views

CVE-2020-3128

Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3128 due to insufficient validation of elements in ARF/WRF Webex recordings. An attacker could deliver a crafted ARF/WRF file via link or email and persuade a user to open it, risking arbitrary code e...

9.3CVSS7.8AI score0.01893EPSS
CVE
CVE
added 2020/11/18 5:41 p.m.84 views

CVE-2020-3471

CVE-2020-3471 affects Cisco Webex Meetings and Cisco Webex Meetings Server. The issue is a synchronization flaw between meeting and media services that can allow an unauthenticated, remote attacker to keep bidirectional audio after the attacker is expelled from a Webex session. Attackers could ex...

6.5CVSS6.5AI score0.01734EPSS
CVE
CVE
added 2020/11/18 5:41 p.m.79 views

CVE-2020-3419

CVE-2020-3419 affects Cisco Webex Meetings and Cisco Webex Meetings Server. The root cause is improper handling of authentication tokens, allowing an unauthenticated, remote attacker to join a Webex meeting without appearing on the participant list. Exploitation requires access to join links and ...

9.1CVSS7.2AI score0.01744EPSS
CVE
CVE
added 2019/05/15 7:25 p.m.75 views

CVE-2019-1773

The CVE-2019-1773 issue affects the Cisco Webex Network Recording Player and the Cisco Webex Player for Windows. The vulnerability arises from improper validation of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files, allowing an attacker to execute arbitrary code when a user ...

9.3CVSS7.6AI score0.01713EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.72 views

CVE-2021-1517

CVE-2021-1517 concerns a vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Webex Meetings Server . The issue arises from unsafe handling of shared content within the multimedia viewer, enabling an authenticated, remote attacker to bypass security protections by sharing a ...

5CVSS4.7AI score0.00825EPSS
CVE
CVE
added 2020/04/15 8:10 p.m.71 views

CVE-2020-3194

The CVE-2020-3194 issue affects Cisco Webex Network Recording Player and Cisco Webex Player on Windows. It arises from insufficient validation of elements within a Webex recording stored as ARF/WRF, allowing an unauthenticated attacker to craft a malicious file and coerce a user to open it, there...

9.3CVSS7.7AI score0.01907EPSS
CVE
CVE
added 2019/08/08 7:30 a.m.68 views

CVE-2019-1954

Cisco Webex Meetings Server Open Redirect (CVE-2019-1954) is due to improper input validation of URL parameters in the web-based management interface. An unauthenticated, remote attacker could craft an HTTP request to cause the application to redirect a user to a malicious URL. Cisco’s advisory s...

6.1CVSS5.5AI score0.01069EPSS
CVE
CVE
added 2018/01/18 6:0 a.m.66 views

CVE-2018-0109

CVE-2018-0109 affects Cisco WebEx Meetings Server (CWMS). The vulnerability is an information-disclosure flaw that could allow an authenticated attacker with root privileges to view sensitive data and shared secrets by accessing the root account. Consequences: potential exposure of application de...

4CVSS3.7AI score0.01218EPSS
CVE
CVE
added 2018/01/18 6:0 a.m.66 views

CVE-2018-0111

CVE-2018-0111 concerns Cisco WebEx Meetings Server and is described in multiple sources as an information-disclosure vulnerability that could allow an unauthenticated, remote attacker to access sensitive data about the application. The root cause is a design flaw that could expose internal networ...

5.3CVSS5.3AI score0.01723EPSS
CVE
CVE
added 2021/01/13 9:46 p.m.66 views

CVE-2021-1311

CVE-2021-1311 affects Cisco Webex Meetings and Cisco Webex Meetings Server, specifically the reclaim host role feature. The root cause is a lack of protection against brute-forcing of the host key, enabling an authenticated, remote attacker to take over the host role during a meeting. An attacker...

5.5CVSS5.4AI score0.01263EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.64 views

CVE-2021-1525

Cisco Webex Meetings and Webex Meetings Server are affected by CVE-2021-1525, an input-validation flaw in URL paths that allows an unauthenticated, remote attacker to redirect users to a remote (malicious) file. Exploitation requires convincing a user to follow a crafted URL, enabling the attacke...

6.1CVSS5.1AI score0.00783EPSS
CVE
CVE
added 2021/02/04 4:35 p.m.62 views

CVE-2021-1221

The CVE-2021-1221 issue affects Cisco Webex Meetings and Webex Meetings Server UI. It arises from insufficient input validation that lets an authenticated, remote attacker inject a hyperlink into a meeting invitation email by entering a URL into a UI field. A successful exploit could generate an ...

4.1CVSS4.3AI score0.0103EPSS
CVE
CVE
added 2018/01/18 6:0 a.m.58 views

CVE-2018-0108

Cisco WebEx Meetings Server is affected by an XML External Entity (XXE) injection allowing an unauthenticated, remote attacker to perform out-of-band data exfiltration. The vulnerability enables disclosure of customer files and can be leveraged to gather information for reconnaissance, with the a...

5.3CVSS5.8AI score0.01834EPSS
CVE
CVE
added 2018/01/18 6:0 a.m.55 views

CVE-2018-0110

CVE-2018-0110 affects Cisco WebEx Meetings Server. A design flaw prevents disabling access to configured remote support accounts after web-admin action, enabling an authenticated, remote attacker to connect to the remote support account, modify server configuration and gain access to customer dat...

8.1CVSS8AI score0.01443EPSS