CRITICAL✓ PATCH🇬🇧 English

CVE-2018-0104

CVSS 9.6v3.0pub. 2018-01-04upd. 2024-11-21

A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Successful exploitation could allow the attacker to execute arbitrary code on the user's system. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCvg78853, CSCvg78856, CSCvg78857.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  • Cisco Webex Business Suite

    APP
    Cisco
    wszystkie wersje
  • Cisco Webex Meetings

    APP
    Cisco
    wszystkie wersje
  • Cisco Webex Meetings Server

    APP
    Cisco
    wszystkie wersje
  • Cisco Webex Network Recording Player

    APP
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2018-0264CRITICAL9.6ten sam produkt

A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could al...

CVE-2018-0112CRITICAL9.0ten sam produkt

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server c...

CVE-2017-12368CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Rec...

CVE-2017-12369CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording P...

CVE-2017-12367CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recordi...