Filtered by vendor Cisco
Subscriptions
Filtered by product Webex Meetings Online
Subscriptions
Total
59 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1637 | 1 Cisco | 2 Webex Meetings Online, Webex Meetings Server | 2024-11-20 | N/A |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1638 | 1 Cisco | 2 Webex Meetings Online, Webex Meetings Server | 2024-11-20 | N/A |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1639 | 1 Cisco | 2 Webex Meetings Online, Webex Meetings Server | 2024-11-20 | N/A |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1640 | 1 Cisco | 2 Webex Meetings Online, Webex Meetings Server | 2024-11-20 | N/A |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1641 | 1 Cisco | 2 Webex Meetings Online, Webex Meetings Server | 2024-11-20 | N/A |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1674 | 2 Cisco, Microsoft | 4 Webex Meetings, Webex Meetings Online, Webex Productivity Tools and 1 more | 2024-11-20 | N/A |
| A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools. This vulnerability is fixed in Cisco Webex Meetings Desktop App Release 33.6.6 and 33.9.1 releases. This vulnerability is fixed in Cisco Webex Productivity Tools Release 33.0.7. | ||||
| CVE-2019-1771 | 1 Cisco | 4 Webex Business Suite, Webex Business Suite Lockdown, Webex Meetings Online and 1 more | 2024-11-20 | 7.8 High |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1773 | 1 Cisco | 4 Webex Business Suite, Webex Business Suite Lockdown, Webex Meetings Online and 1 more | 2024-11-20 | 7.8 High |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1772 | 1 Cisco | 4 Webex Business Suite, Webex Business Suite Lockdown, Webex Meetings Online and 1 more | 2024-11-20 | 7.8 High |
| A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system. | ||||
| CVE-2019-1925 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-1924 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-1927 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-1926 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-1929 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-1928 | 1 Cisco | 3 Webex Business Suite, Webex Meetings Online, Webex Meetings Server | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-15286 | 2 Cisco, Microsoft | 4 Webex Business Suite, Webex Meetings Online, Webex Meetings Server and 1 more | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-15284 | 2 Cisco, Microsoft | 4 Webex Business Suite, Webex Meetings Online, Webex Meetings Server and 1 more | 2024-11-20 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||
| CVE-2019-15987 | 1 Cisco | 6 Webex Event Center, Webex Meeting Center, Webex Meetings Online and 3 more | 2024-11-19 | 5.3 Medium |
| A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user. | ||||
| CVE-2020-3142 | 1 Cisco | 1 Webex Meetings Online | 2024-11-15 | 7.5 High |
| A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iOS or Android. The vulnerability is due to unintended meeting information exposure in a specific meeting join flow for mobile applications. An unauthorized attendee could exploit this vulnerability by accessing a known meeting ID or meeting URL from the mobile device’s web browser. The browser will then request to launch the device’s Webex mobile application. A successful exploit could allow the unauthorized attendee to join the password-protected meeting. The unauthorized attendee will be visible in the attendee list of the meeting as a mobile attendee. Cisco has applied updates that address this vulnerability and no user action is required. This vulnerability affects Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites releases earlier than 39.11.5 and 40.1.3. | ||||
| CVE-2020-3127 | 1 Cisco | 4 Webex Meetings, Webex Meetings Online, Webex Meetings Server and 1 more | 2024-11-15 | 7.8 High |
| Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. | ||||