CVE-2024-20396 - OpenCVE

A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerability by persuading a user to follow a link that is designed to cause the application to send requests. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture sensitive information, including credential information, from the requests.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-07-17T16:33:55.108Z

Updated: 2024-08-01T21:59:41.785Z

Reserved: 2023-11-08T15:08:07.660Z

Link: CVE-2024-20396

Vulnrichment

Updated: 2024-08-01T21:59:41.785Z

NVD

Status : Awaiting Analysis

Published: 2024-07-17T17:15:13.070

Modified: 2024-07-18T12:28:43.707

Link: CVE-2024-20396

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20396", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.660Z", "datePublished": "2024-07-17T16:33:55.108Z", "dateUpdated": "2024-08-01T21:59:41.785Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-07-17T16:33:55.108Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\n\r This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerability by persuading a user to follow a link that is designed to cause the application to send requests. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture sensitive information, including credential information, from the requests."}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Teams", "versions": [{"version": "3.0.13464.0", "status": "affected"}, {"version": "3.0.13538.0", "status": "affected"}, {"version": "3.0.13588.0", "status": "affected"}, {"version": "3.0.14154.0", "status": "affected"}, {"version": "3.0.14234.0", "status": "affected"}, {"version": "3.0.14375.0", "status": "affected"}, {"version": "3.0.14741.0", "status": "affected"}, {"version": "3.0.14866.0", "status": "affected"}, {"version": "3.0.15015.0", "status": "affected"}, {"version": "3.0.15036.0", "status": "affected"}, {"version": "3.0.15092.0", "status": "affected"}, {"version": "3.0.15131.0", "status": "affected"}, {"version": "3.0.15164.0", "status": "affected"}, {"version": "3.0.15221.0", "status": "affected"}, {"version": "3.0.15333.0", "status": "affected"}, {"version": "3.0.15410.0", "status": "affected"}, {"version": "3.0.15485.0", "status": "affected"}, {"version": "3.0.15645.0", "status": "affected"}, {"version": "3.0.15711.0", "status": "affected"}, {"version": "3.0.16040.0", "status": "affected"}, {"version": "3.0.16269.0", "status": "affected"}, {"version": "3.0.16273.0", "status": "affected"}, {"version": "3.0.16285.0", "status": "affected"}, {"version": "42.1.0.21190", "status": "affected"}, {"version": "42.10.0.23814", "status": "affected"}, {"version": "42.11.0.24187", "status": "affected"}, {"version": "42.12.0.24485", "status": "affected"}, {"version": "42.2.0.21338", "status": "affected"}, {"version": "42.2.0.21486", "status": "affected"}, {"version": "42.3.0.21576", "status": "affected"}, {"version": "42.4.1.22032", "status": "affected"}, {"version": "42.5.0.22259", "status": "affected"}, {"version": "42.6.0.22565", "status": "affected"}, {"version": "42.6.0.22645", "status": "affected"}, {"version": "42.7.0.22904", "status": "affected"}, {"version": "42.7.0.23054", "status": "affected"}, {"version": "42.8.0.23214", "status": "affected"}, {"version": "42.8.0.23281", "status": "affected"}, {"version": "42.9.0.23494", "status": "affected"}, {"version": "43.1.0.24716", "status": "affected"}, {"version": "43.2.0.25157", "status": "affected"}, {"version": "43.2.0.25211", "status": "affected"}, {"version": "43.3.0.25468", "status": "affected"}, {"version": "43.4.0.25788", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Exposure of Sensitive Information to an Unauthorized Actor", "type": "cwe", "cweId": "CWE-200"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-webex-app-ZjNm8X8j", "discovery": "EXTERNAL", "defects": ["CSCwj36947"]}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-17T17:59:58.773024Z", "id": "CVE-2024-20396", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:00:53.060Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:41.785Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:41.785Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20396", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-17T17:59:58.773024Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-17T18:00:47.161Z"}}], "cna": {"source": {"defects": ["CSCwj36947"], "advisory": "cisco-sa-webex-app-ZjNm8X8j", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Teams", "versions": [{"status": "affected", "version": "3.0.13464.0"}, {"status": "affected", "version": "3.0.13538.0"}, {"status": "affected", "version": "3.0.13588.0"}, {"status": "affected", "version": "3.0.14154.0"}, {"status": "affected", "version": "3.0.14234.0"}, {"status": "affected", "version": "3.0.14375.0"}, {"status": "affected", "version": "3.0.14741.0"}, {"status": "affected", "version": "3.0.14866.0"}, {"status": "affected", "version": "3.0.15015.0"}, {"status": "affected", "version": "3.0.15036.0"}, {"status": "affected", "version": "3.0.15092.0"}, {"status": "affected", "version": "3.0.15131.0"}, {"status": "affected", "version": "3.0.15164.0"}, {"status": "affected", "version": "3.0.15221.0"}, {"status": "affected", "version": "3.0.15333.0"}, {"status": "affected", "version": "3.0.15410.0"}, {"status": "affected", "version": "3.0.15485.0"}, {"status": "affected", "version": "3.0.15645.0"}, {"status": "affected", "version": "3.0.15711.0"}, {"status": "affected", "version": "3.0.16040.0"}, {"status": "affected", "version": "3.0.16269.0"}, {"status": "affected", "version": "3.0.16273.0"}, {"status": "affected", "version": "3.0.16285.0"}, {"status": "affected", "version": "42.1.0.21190"}, {"status": "affected", "version": "42.10.0.23814"}, {"status": "affected", "version": "42.11.0.24187"}, {"status": "affected", "version": "42.12.0.24485"}, {"status": "affected", "version": "42.2.0.21338"}, {"status": "affected", "version": "42.2.0.21486"}, {"status": "affected", "version": "42.3.0.21576"}, {"status": "affected", "version": "42.4.1.22032"}, {"status": "affected", "version": "42.5.0.22259"}, {"status": "affected", "version": "42.6.0.22565"}, {"status": "affected", "version": "42.6.0.22645"}, {"status": "affected", "version": "42.7.0.22904"}, {"status": "affected", "version": "42.7.0.23054"}, {"status": "affected", "version": "42.8.0.23214"}, {"status": "affected", "version": "42.8.0.23281"}, {"status": "affected", "version": "42.9.0.23494"}, {"status": "affected", "version": "43.1.0.24716"}, {"status": "affected", "version": "43.2.0.25157"}, {"status": "affected", "version": "43.2.0.25211"}, {"status": "affected", "version": "43.3.0.25468"}, {"status": "affected", "version": "43.4.0.25788"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\n\r This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerability by persuading a user to follow a link that is designed to cause the application to send requests. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture sensitive information, including credential information, from the requests."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-200", "description": "Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-07-17T16:33:55.108Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20396", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:59:41.785Z", "dateReserved": "2023-11-08T15:08:07.660Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-07-17T16:33:55.108Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\n\r This vulnerability exists because the affected application does not safely handle file protocol handlers. An attacker could exploit this vulnerability by persuading a user to follow a link that is designed to cause the application to send requests. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture sensitive information, including credential information, from the requests."}, {"lang": "es", "value": "Una vulnerabilidad en los controladores de protocolo de la aplicaci\u00f3n Cisco Webex podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso a informaci\u00f3n confidencial. Esta vulnerabilidad existe porque la aplicaci\u00f3n afectada no maneja de forma segura los controladores de protocolo de archivos. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que siga un v\u00ednculo manipulado para hacer que la aplicaci\u00f3n env\u00ede solicitudes. Si el atacante puede observar el tr\u00e1fico transmitido en una posici\u00f3n privilegiada de la red, una explotaci\u00f3n exitosa podr\u00eda permitirle capturar informaci\u00f3n confidencial, incluida informaci\u00f3n de credenciales, de las solicitudes."}], "id": "CVE-2024-20396", "lastModified": "2024-07-18T12:28:43.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2024-07-17T17:15:13.070", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}