CVEDB API

Vulnerabilities

Vulnerable Software

Cisco: >> Webex Meetings Online >> 1.3.38 Security Vulnerabilities

CVE-2019-1772

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system.

CVSS Score

7.8

EPSS Score

0.003

Published

2019-05-15

CVE-2019-1773

CVSS Score

7.8

EPSS Score

0.003

Published

2019-05-15

CVE-2019-1680

A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. The vulnerability is due to improper validation of input. An attacker could exploit this vulnerability by convincing a targeted user to view a malicious URL. A successful exploit could allow the attacker to inject arbitrary text into the user's browser. The attacker could use the content injection to conduct spoofing attacks. Versions prior than 3.0.9 are affected.

CVSS Score

4.3

EPSS Score

0.003

Published

2019-02-07

Page 3

Vulnerabilities

Vulnerable Software

Cisco: >> Webex Meetings Online >> 1.3.38 Security Vulnerabilities

Products

Pricing

Contact Us