Jan 27, 2020 · A vulnerability in Cisco’s Webex video conferencing platform is one a number of security issues that the company has resolved in recent weeks.
Jan 25, 2020 · Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited. The vulnerability, tracked as CVE-2020-3142 and classified as high severity , affected Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites, releases earlier than 39.11.5 and 40.1.3. Multiple vulnerabilities have been discovered in Cisco Webex Network Recording Player and Cisco Webex Player which could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. The Webex meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco Webex. Apr 18, 2018 · The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client. Partial. None. A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method.
Jun 18, 2020 · One of the high-severity flaws ( CVE-2020-3361) allows a remote, unauthenticated attacker to gain unauthorized access to a Webex site by sending specially crafted requests. The vulnerability impacts Cisco Webex Meetings sites and Cisco Webex Meetings Server.
CVE-2020-3322 CWE-20 A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system. The vulnerability exists due to insufficient validation of certain elements with a Webex
Jul 10, 2020 · In other words, Dropbox would pay hackers for security vulnerabilities they found in Zoom. (Dropbox staffers used Zoom regularly, and Dropbox was an investor in Zoom.) That means WebEx, Amazon
Cisco Webex security vulnerabilities, exploits, metasploit modules, vulnerability statistics and list of versions (e.g.: CVE-2009-1234 or 2010-1234 or 20101234) Log In Register Cisco Webex Meetings Suite and Cisco Webex Meetings Online Unauthenticated Meeting Join Vulnerability 24/Jan/2020 New Cisco Webex Centers Denial of Service Vulnerability 08/Jan/2020 New Cisco Webex Teams and Cisco Webex Meetings Client DLL Hijacking Vulnerability 02/Dec/2019 New Core Security researchers Federico Muttis, Sebastian Tello and Manuel Muradas teamed to discover two separate vulnerabilities, each affecting a separate Cisco WebEx application. Mar 04, 2020 · The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF).