High severity8.7NVD Advisory· Published Oct 5, 2018· Updated Jun 17, 2026
CVE-2018-0436
CVE-2018-0436
Description
A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote attacker to view and modify data for an organization other than their own organization. The vulnerability exists because the affected software performs insufficient checks for associations between user accounts and organization accounts. An attacker who has administrator or compliance officer privileges for one organization account could exploit this vulnerability by using those privileges to view and modify data for another organization account. No customer data was impacted by this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/105301nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-id-modnvdVendor Advisory
News mentions
0No linked articles in our index yet.