Lucene search
K

24 matches found

CVE
CVE
added 2021/04/08 4:6 a.m.4750 views

CVE-2021-1467

CVE-2021-1467 affects Cisco Webex Meetings for Android. The issue stems from improper authorization checks, allowing an authenticated remote actor in the same meeting to modify another user’s avatar by sending a crafted request to the targeted Webex client. Impact is limited to avatar modificatio...

4.3CVSS4.4AI score0.00745EPSS
CVE
CVE
added 2021/02/17 4:55 p.m.1880 views

CVE-2021-1372

Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows are affected by a local information-disclosure vulnerability due to unsafe shared-memory usage. An authenticated, local attacker with access to system memory can exploit this by running a local app that reads shared memory,...

5.5CVSS5.3AI score0.0041EPSS
CVE
CVE
added 2020/11/06 6:16 p.m.1293 views

CVE-2020-3588

CVE-2020-3588 affects Cisco Webex Meetings Desktop App for Windows in virtual desktop environments. The root cause is improper validation of messages processed by the virtualization channel interface, allowing a local attacker with limited privileges to execute arbitrary code with the user’s priv...

7.8CVSS7.5AI score0.00393EPSS
CVE
CVE
added 2020/09/04 2:25 a.m.1192 views

CVE-2020-3541

CVE-2020-3541 affects Cisco Webex on Windows (Webex Meetings Client/Desktop App/Teams). The root cause is unsafe logging of authentication requests, allowing an authenticated, local attacker to read log files in the application directory and access sensitive information. Impact is information dis...

4.4CVSS4.8AI score0.00326EPSS
CVE
CVE
added 2020/06/18 2:16 a.m.954 views

CVE-2020-3347

CVE-2020-3347 affects Cisco Webex Meetings Desktop App for Windows. The flaw stems from unsafe usage of shared memory in the Webex memory map/trace implementation, allowing an authenticated, local attacker to read sensitive data (e.g., usernames, meeting information, authentication tokens) from s...

5.5CVSS5.4AI score0.00351EPSS
CVE
CVE
added 2020/07/16 5:21 p.m.531 views

CVE-2020-3345

Cisco Webex Meetings and Webex Meetings Server are affected by CVE-2020-3345, an HTML injection vulnerability rooted in improper parameter validation on web pages. An unauthenticated, remote attacker can entice a user to follow a crafted link that injects HTML into an affected parameter, enabling...

4.3CVSS4.5AI score0.01212EPSS
CVE
CVE
added 2021/06/04 4:46 p.m.526 views

CVE-2021-1544

CVE-2021-1544 describes an information-disclosure vulnerability in the Cisco Webex Meetings client’s logging mechanism. An authenticated, local attacker could access files containing logged actions and potentially view sensitive data, including meeting content and transcriptions. Public sources i...

5.5CVSS5.5AI score0.00228EPSS
CVE
CVE
added 2020/08/26 4:16 p.m.520 views

CVE-2020-3440

CVE-2020-3440 affects Cisco Webex Meetings Desktop App for Windows. The root cause is improper validation of URL parameters sent from a website, enabling an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. Exploitation involves convincing a user to click a craf...

6.5CVSS6.6AI score0.0262EPSS
CVE
CVE
added 2018/05/02 10:0 p.m.362 views

CVE-2018-0264

Summary: CVE-2018-0264 affects Cisco WebEx ARF playback components across WebEx Business Suite, Meetings sites, Meetings Server, and ARF Player. An unauthenticated, remote attacker can trigger arbitrary code execution by sending a user a link or email attachment containing a malicious ARF file an...

9.6CVSS9.3AI score0.03206EPSS
CVE
CVE
added 2019/11/26 3:11 a.m.177 views

CVE-2019-15960

CVE-2019-15960 is a Cisco Webex Meetings privilege-escalation vulnerability affecting the Webex Network Recording Admin page. The issue arises from insufficient access-control validation, allowing an authenticated, low-privilege administrator to exploit a crafted URL request to gain privileged ac...

6.5CVSS5.4AI score0.01278EPSS
CVE
CVE
added 2021/01/13 9:46 p.m.175 views

CVE-2021-1310

CVE-2021-1310 affects Cisco Webex Meetings’ web-based management interface. It is an open redirect vulnerability caused by improper validation of URL parameters in an HTTP request, allowing an unauthenticated attacker to persuade a user to click a crafted link and be redirected to a malicious sit...

4.7CVSS4.7AI score0.01582EPSS
CVE
CVE
added 2019/11/26 3:41 a.m.115 views

CVE-2019-16001

Cisco Webex Teams for Windows is affected by CVE-2019-16001: a DLL hijacking vulnerability due to insufficient validation of resources loaded at run time. An authenticated, local attacker can craft a malicious DLL and place it in a specific location; the DLL executes when the vulnerable app launc...

5.3CVSS5.6AI score0.00377EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.113 views

CVE-2020-3155

CVE-2020-3155 is a Cisco Intelligent Proximity SSL certificate validation vulnerability. The issue stems from a lack of validation of the SSL server certificate when establishing connections to Cisco Webex video devices or Cisco collaboration endpoints. An unauthenticated, remote attacker could p...

7.4CVSS7.3AI score0.00874EPSS
CVE
CVE
added 2019/02/28 6:0 p.m.96 views

CVE-2019-1674

CVE-2019-1674 is a local OS command injection in Cisco Webex Updates: the update service accepts crafted parameters, allowing an attacker with local access to execute commands with SYSTEM privileges. Affected: Cisco Webex Meetings Desktop App for Windows and Cisco Webex Productivity Tools. Root c...

9CVSS8.3AI score0.10759EPSS
CVE
CVE
added 2020/06/18 2:21 a.m.91 views

CVE-2020-3263

The CVE-2020-3263 entry concerns Cisco Webex Meetings Desktop App. Affected component: the client’s URL handling where input is not properly validated. Root cause: improper validation of input supplied to application URLs. Impact: could allow an unauthenticated, remote attacker to persuade a user...

7.6CVSS7.8AI score0.04117EPSS
CVE
CVE
added 2020/06/18 2:16 a.m.80 views

CVE-2020-3342

CVE-2020-3342 is a code-execution vulnerability in Cisco Webex Meetings Desktop App for Mac related to the update feature. The issue stems from improper validation of cryptographic protections on files downloaded during an update, allowing an unauthenticated, remote attacker to persuade a user to...

9.3CVSS9AI score0.03797EPSS
CVE
CVE
added 2020/11/06 6:17 p.m.80 views

CVE-2020-3603

Cisco WebEx Network Recording Player for Windows and Cisco WebEx Player for Windows contain ARF/WRF parsing vulnerabilities that allow remote code execution. The issue stems from insufficient validation of elements within Webex recordings, enabling a malicious ARF/WRF file delivered via link or e...

9.3CVSS7.9AI score0.02506EPSS
CVE
CVE
added 2020/11/06 6:17 p.m.74 views

CVE-2020-3604

Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by ARF/WRF parsing vulnerabilities (CVE-2020-3604). The issue stems from insufficient validation of Webex recording elements, enabling an attacker to execute arbitrary code when a user opens a malicio...

9.3CVSS7.9AI score0.02432EPSS
CVE
CVE
added 2021/01/13 9:46 p.m.65 views

CVE-2021-1311

CVE-2021-1311 affects Cisco Webex Meetings and Cisco Webex Meetings Server, specifically the reclaim host role feature. The root cause is a lack of protection against brute-forcing of the host key, enabling an authenticated, remote attacker to take over the host role during a meeting. An attacker...

5.5CVSS5.4AI score0.01263EPSS
CVE
CVE
added 2021/02/04 4:35 p.m.61 views

CVE-2021-1221

The CVE-2021-1221 issue affects Cisco Webex Meetings and Webex Meetings Server UI. It arises from insufficient input validation that lets an authenticated, remote attacker inject a hyperlink into a meeting invitation email by entering a URL into a UI field. A successful exploit could generate an ...

4.1CVSS4.3AI score0.0103EPSS
CVE
CVE
added 2019/02/07 7:0 p.m.56 views

CVE-2019-1677

Summary: CVE-2019-1677 is a cross-site scripting vulnerability in Cisco Webex Meetings for Android. An unauthenticated, local attacker could exploit insufficient validation of input parameters by sending a crafted intent, allowing script execution in the Webex app context. Affected versions: prio...

5CVSS4.7AI score0.00392EPSS
CVE
CVE
added 2020/08/17 6:0 p.m.51 views

CVE-2020-3501

Cisco Webex Meetings Desktop App has CVE-2020-3501 describing information disclosure due to improper input validation of parameters returned from a website. An authenticated, remote attacker could lure a user to a crafted URL to access restricted information from other Webex users. Multiple sourc...

4.1CVSS4.5AI score0.01019EPSS
CVE
CVE
added 2020/08/17 6:0 p.m.48 views

CVE-2020-3502

Cisco Webex Meetings Desktop App contains information disclosure vulnerabilities in its user interface due to improper input validation of parameters returned from a website. An authenticated remote attacker could lure a user via a crafted URL to extract restricted information from other Webex us...

4.1CVSS4.5AI score0.01019EPSS
CVE
CVE
added 2025/09/03 5:41 p.m.24 views

CVE-2025-20291

CVE-2025-20291 (Cisco Webex Meetings URL Redirect) : A vulnerability in Cisco Webex Meetings arises from insufficient validation of URLs in a meeting-join URL, enabling an unauthenticated, remote attacker to redirect a targeted user to a site controlled by the attacker. The issue is mitigated by ...

6.1CVSS6.5AI score0.00219EPSS