HIGHβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2021-1502

CVSS 7.8v3.1pub. 2021-06-04upd. 2024-11-21

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex recording files formatted as either Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit the vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Cisco Webex Meetings Desktop

    APP
    Cisco
    wszystkie wersje
  • Cisco Webex Meetings Online

    APP
    Cisco
    wszystkie wersje
  • Cisco Webex Meetings Server

    APP
    Cisco
    4.0
  • Cisco Webex Network Recording Player

    APP
    Cisco
    < 41.5
  • Cisco Webex Teams

    APP
    Cisco
    3.0.15485.0
🟒
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2018-0112CRITICAL9.0ten sam produkt

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server c...

CVE-2018-0104CRITICAL9.6ten sam produkt

A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow ...

CVE-2017-12368CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Rec...

CVE-2017-12372CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Rec...

CVE-2017-12367CRITICAL9.6ten sam produkt

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recordi...

CVE-2021-1502 β€” Cisco β€” Webex Meetings Desktop β€” HIGH β€” CVSS 7.8 | CVEbaza.pl