Lucene search
K
CiscoWebex Teams

19 matches found

CVE
CVE
added 2020/10/08 4:20 a.m.1454 views

CVE-2020-3535

CVE-2020-3535 – Cisco Webex Teams for Windows DLL Hijacking . A local, authenticated attacker can place a malicious DLL in a specific location; when Webex Teams launches, the DLL is loaded and code executes with the privileges of another user. The vulnerability stems from incorrect runtime handli...

8.4CVSS8.1AI score0.00593EPSS
CVE
CVE
added 2022/09/08 12:30 p.m.1344 views

CVE-2022-20863

Cisco Webex App (formerly Webex Teams) contains a vulnerability in its messaging interface that could allow an unauthenticated, remote attacker to manipulate displayed links or content by exploiting improper handling of character rendering. The issue arises when messages are processed in the inte...

5.3CVSS5AI score0.00767EPSS
CVE
CVE
added 2020/09/04 2:25 a.m.1192 views

CVE-2020-3541

CVE-2020-3541 affects Cisco Webex on Windows (Webex Meetings Client/Desktop App/Teams). The root cause is unsafe logging of authentication requests, allowing an authenticated, local attacker to read log files in the application directory and access sensitive information. Impact is information dis...

4.4CVSS4.8AI score0.00326EPSS
CVE
CVE
added 2021/01/13 9:17 p.m.867 views

CVE-2021-1242

CVE-2021-1242 affects Cisco Webex Teams (Webex/Jabber client) where the shared-file name display can be manipulated due to improper character rendering. An unauthenticated, remote attacker could share a file to alter how the file name appears in the messaging interface, enabling phishing or spoof...

4.3CVSS4.4AI score0.01352EPSS
CVE
CVE
added 2019/02/25 6:0 p.m.250 views

CVE-2019-1689

Cisco Webex Teams for iOS has a vulnerability in the iOS client app’s input validation that could allow an authenticated, remote attacker to upload arbitrary files within the app’s scope. An attacker could lure a targeted user into opening a malicious file, potentially overwriting sensitive appli...

7.3CVSS7AI score0.01574EPSS
CVE
CVE
added 2025/04/16 4:16 p.m.220 views

CVE-2025-20236

Cisco Webex App is affected by a client-side vulnerability in the custom URL parser that could allow an unauthenticated attacker to convince a user to download arbitrary files, potentially executing commands with the user’s privileges. Root cause: insufficient input validation when processing mee...

8.8CVSS9AI score0.00908EPSS
CVE
CVE
added 2020/01/26 4:31 a.m.213 views

CVE-2020-3131

The CVE-2020-3131 issue affects the Cisco Webex Teams client for Windows, caused by insufficient input validation when processing received adaptive cards. Affected component: the Windows client (Release 3.0.13131). Exploit requires an authenticated attacker with a valid developer account to send ...

6.5CVSS6.4AI score0.0218EPSS
CVE
CVE
added 2019/09/05 1:25 a.m.148 views

CVE-2019-1939

Cisco Webex Teams for Windows is affected by a command-execution vulnerability arising from improper restrictions on the software’s logging features. An unauthenticated, remote attacker can lure a target user to visit a crafted website, enabling the attacker to modify files and run arbitrary comm...

9.3CVSS8.6AI score0.04729EPSS
CVE
CVE
added 2019/11/26 3:41 a.m.114 views

CVE-2019-16001

Cisco Webex Teams for Windows is affected by CVE-2019-16001: a DLL hijacking vulnerability due to insufficient validation of resources loaded at run time. An authenticated, local attacker can craft a malicious DLL and place it in a specific location; the DLL executes when the vulnerable app launc...

5.3CVSS5.6AI score0.00377EPSS
CVE
CVE
added 2020/03/04 6:40 p.m.113 views

CVE-2020-3155

CVE-2020-3155 is a Cisco Intelligent Proximity SSL certificate validation vulnerability. The issue stems from a lack of validation of the SSL server certificate when establishing connections to Cisco Webex video devices or Cisco collaboration endpoints. An unauthenticated, remote attacker could p...

7.4CVSS7.3AI score0.00874EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.95 views

CVE-2021-1536

CVE-2021-1536 affects Cisco Webex products on Windows (Webex Meetings Desktop App, Webex Meetings Server, Webex Network Recording Player, and Webex Teams). The issue is a directory-path handling flaw that lets an authenticated, local attacker place a configuration file to cause loading of a malic...

7.8CVSS6.8AI score0.00326EPSS
CVE
CVE
added 2024/07/17 4:32 p.m.95 views

CVE-2024-20395

Cisco Webex App contains a vulnerability in the media retrieval functionality that could allow an unauthenticated, adjacent attacker to access sensitive session information by intercepting insecurely transmitted requests for embedded media. The root cause is insecure transmission of requests to b...

7.3CVSS6.5AI score0.00217EPSS
CVE
CVE
added 2019/01/23 11:0 p.m.94 views

CVE-2019-1636

Cisco Webex Teams (formerly Cisco Spark) is affected by CVE-2019-1636, an insecure library loading vulnerability in the Webex Teams URI handler. The issue arises from unsafe search paths used by the Windows URI, allowing a crafted library placed in a targeted directory to be loaded by the applica...

9.3CVSS7.9AI score0.46891EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.86 views

CVE-2023-20104

CVE-2023-20104 affects Cisco Webex App for Web. The vulnerability resides in the file upload functionality where insufficient validation of user-supplied input enables an unauthenticated, remote attacker to trigger cross-site scripting (XSS) by persuading a user to visit a crafted URL after recei...

6.1CVSS6.1AI score0.00481EPSS
CVE
CVE
added 2024/07/17 4:33 p.m.85 views

CVE-2024-20396

CVE-2024-20396 affects Cisco Webex App: vulnerability in protocol/file handlers allows unauthenticated, remote access to sensitive information via specially crafted links. Impact targets credentials transmitted in requests; CVSS info shows network vector with user interaction required. Cisco advi...

6.5CVSS7AI score0.00417EPSS
CVE
CVE
added 2021/06/04 4:45 p.m.82 views

CVE-2021-1502

CVE-2021-1502 affects Cisco Webex Network Recording Player and Webex Player for Windows and macOS. Root cause: memory corruption due to insufficient validation of ARF/WRF recording files. Attackers can deliver a crafted ARF/WRF via a link or email attachment and persuade a user to open it, enabli...

7.8CVSS7.8AI score0.01081EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.67 views

CVE-2018-0436

CVE-2018-0436 concerns Cisco Webex Teams (formerly Cisco Spark). The issue arises from insufficient checks for associations between user accounts and organization accounts, enabling an authenticated, remote attacker with administrator or compliance officer privileges for one organization to view ...

8.7CVSS8.6AI score0.01284EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.63 views

CVE-2018-0387

CVE-2018-0387 describes a remote code execution vulnerability in Cisco Webex Teams for Windows and macOS. The issue stems from improper input sanitization, allowing an unauthenticated, remote attacker to craft a malicious link that, when opened by a user, could execute arbitrary code with elevate...

9.3CVSS8.9AI score0.03106EPSS
CVE
CVE
added 2024/11/18 4:10 p.m.56 views

CVE-2020-26067

CVE-2020-26067 concerns Cisco Webex Teams web interface. Affected component: web-based interface; issue arises from improper validation of usernames. An authenticated, remote attacker can create an account containing malicious HTML/script and join a space with that name, enabling cross-site scrip...

5.4CVSS5.4AI score0.00771EPSS