Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webex_business_suite_31
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 7 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-10-05 | CVE-2018-15418 | A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the... | Webex_business_suite_31, Webex_business_suite_32, Webex_business_suite_33, Webex_meetings_online, Webex_meetings_server | N/A | ||
| 2018-10-05 | CVE-2018-15410 | A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the... | Webex_business_suite_31, Webex_business_suite_32, Webex_business_suite_33, Webex_meetings_online, Webex_meetings_server | N/A | ||
| 2018-10-05 | CVE-2018-15436 | A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker... | Webex_business_suite_31, Webex_business_suite_32, Webex_business_suite_33, Webex_meetings_online | 6.1 | ||
| 2018-10-05 | CVE-2018-15409 | A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the... | Webex_business_suite_31, Webex_business_suite_33, Webex_meetings_online, Webex_meetings_server | 7.8 | ||
| 2018-05-02 | CVE-2018-0264 | A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or open the file. Successful exploitation could allow the attacker to execute arbitrary code on the user's system. This... | Webex_business_suite_31, Webex_business_suite_32, Webex_meeting_server, Webex_meetings | 9.6 | ||
| 2018-04-19 | CVE-2018-0112 | A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client. Exploitation of this vulnerability could allow... | Webex_business_suite_31, Webex_business_suite_32, Webex_meetings, Webex_meetings_server | 9.0 | ||
| 2018-10-05 | CVE-2018-0422 | A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other... | Webex_business_suite_31, Webex_business_suite_32, Webex_business_suite_33, Webex_meetings_online, Webex_meetings_server | 7.3 |