Webex Teams Security Vulnerabilities and Issues — Webex Teams CVE List

Lucene search

CiscoWebex Teams

15 matches found

CVE•added 2020/10/08 5:15 a.m.•1437 views

CVE-2020-3535

A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. The vulnerability is due to inco...

8.4CVSS8.1AI score0.00054EPSS

CVE•added 2022/09/08 1:15 p.m.•1313 views

CVE-2022-20863

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character render...

5.3CVSS5AI score0.00233EPSS

CVE•added 2020/09/04 3:15 a.m.•1176 views

CVE-2020-3541

A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information. The vulnerability is due to unsafe logging ...

4.4CVSS4.8AI score0.00062EPSS

CVE•added 2021/01/13 10:15 p.m.•855 views

CVE-2021-1242

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file within ...

4.3CVSS4.4AI score0.00373EPSS

CVE•added 2019/02/25 6:0 p.m.•225 views

CVE-2019-1689

A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. The vulnerability is due to improper input validation in the client application. An attacker could exploit this vul...

7.3CVSS7AI score0.00337EPSS

CVE•added 2020/01/26 5:15 a.m.•199 views

CVE-2020-3131

A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insuffici...

6.5CVSS6.4AI score0.00744EPSS

CVE•added 2019/09/05 2:15 a.m.•134 views

CVE-2019-1939

A vulnerability in the Cisco Webex Teams client for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. This vulnerability is due to improper restrictions on software logging features used by the application on Windows operating systems. An a...

9.3CVSS8.6AI score0.02803EPSS

CVE•added 2020/03/04 7:15 p.m.•97 views

CVE-2020-3155

A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Pr...

7.4CVSS7.3AI score0.0025EPSS

CVE•added 2019/11/26 4:15 a.m.•96 views

CVE-2019-16001

A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vu...

5.3CVSS5.6AI score0.0019EPSS

CVE•added 2019/01/23 11:0 p.m.•82 views

CVE-2019-1636

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit thi...

9.3CVSS7.9AI score0.08591EPSS

CVE•added 2021/06/04 5:15 p.m.•76 views

CVE-2021-1536

A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vul...

7.8CVSS6.8AI score0.00065EPSS

CVE•added 2023/03/03 4:15 p.m.•72 views

CVE-2023-20104

A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An attacker could ...

6.1CVSS6.1AI score0.0012EPSS

CVE•added 2021/06/04 5:15 p.m.•69 views

CVE-2021-1502

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex recording files formatted as...

7.8CVSS7.8AI score0.00452EPSS

CVE•added 2018/10/05 2:29 p.m.•57 views

CVE-2018-0436

A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote attacker to view and modify data for an organization other than their own organization. The vulnerability exists because the affected software performs insufficient checks for associations between user ...

8.7CVSS8.6AI score0.00235EPSS

CVE•added 2018/07/18 11:29 p.m.•54 views

CVE-2018-0387

A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could expl...

9.3CVSS8.9AI score0.01338EPSS