Webex Meetings
CVEs (75)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1410 | 0.00 | — | 0.01 | Nov 18, 2024 | A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for… | |||
| CVE-2022-20654 | 0.00 | — | 0.01 | Nov 15, 2024 | A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of… | |||
| CVE-2023-20180 | 0.00 | — | 0.00 | Jul 7, 2023 | A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an… | |||
| CVE-2023-20133 | 0.00 | — | 0.01 | Jul 7, 2023 | A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied… | |||
| CVE-2023-20134 | 0.00 | — | 0.00 | Apr 5, 2023 | Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details… | |||
| CVE-2023-20132 | 0.00 | — | 0.00 | Apr 5, 2023 | Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details… | |||
| CVE-2022-20863 | 0.00 | — | 0.01 | Sep 8, 2022 | A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly… | |||
| CVE-2022-20820 | 0.00 | — | 0.00 | Aug 10, 2022 | Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details… | |||
| CVE-2022-20852 | 0.00 | — | 0.00 | Aug 10, 2022 | Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details… | |||
| CVE-2022-20778 | 0.00 | — | 0.01 | Apr 21, 2022 | A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied… | |||
| CVE-2022-20763 | 0.00 | — | 0.01 | Apr 6, 2022 | A vulnerability in the login authorization components of Cisco Webex Meetings could allow an authenticated, remote attacker to inject arbitrary Java code. This vulnerability is due to improper deserialization of Java code within login requests. An attacker could exploit this… | |||
| CVE-2021-40128 | 0.00 | — | 0.01 | Nov 4, 2021 | A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an arbitrary domain. This vulnerability is due to insufficient validation of… | |||
| CVE-2021-34743 | 0.00 | — | 0.00 | Oct 21, 2021 | A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user's account without that user's express consent. This vulnerability is due to… | |||
| CVE-2021-1544 | 0.00 | — | 0.00 | Jun 4, 2021 | A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe logging of application actions. An attacker could exploit this vulnerability by… | |||
| CVE-2021-1536 | 0.00 | — | 0.00 | Jun 4, 2021 | A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.… | |||
| CVE-2021-1527 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insufficient validation of… | |||
| CVE-2021-1526 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF). An attacker… | |||
| CVE-2021-1525 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit… | |||
| CVE-2021-1517 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer… | |||
| CVE-2021-1503 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording… |
- CVE-2021-1410Nov 18, 2024risk 0.00cvss —epss 0.01
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for…
- CVE-2022-20654Nov 15, 2024risk 0.00cvss —epss 0.01
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of…
- CVE-2023-20180Jul 7, 2023risk 0.00cvss —epss 0.00
A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an…
- CVE-2023-20133Jul 7, 2023risk 0.00cvss —epss 0.01
A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied…
- CVE-2023-20134Apr 5, 2023risk 0.00cvss —epss 0.00
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details…
- CVE-2023-20132Apr 5, 2023risk 0.00cvss —epss 0.00
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details…
- CVE-2022-20863Sep 8, 2022risk 0.00cvss —epss 0.01
A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly…
- CVE-2022-20820Aug 10, 2022risk 0.00cvss —epss 0.00
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details…
- CVE-2022-20852Aug 10, 2022risk 0.00cvss —epss 0.00
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details…
- CVE-2022-20778Apr 21, 2022risk 0.00cvss —epss 0.01
A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied…
- CVE-2022-20763Apr 6, 2022risk 0.00cvss —epss 0.01
A vulnerability in the login authorization components of Cisco Webex Meetings could allow an authenticated, remote attacker to inject arbitrary Java code. This vulnerability is due to improper deserialization of Java code within login requests. An attacker could exploit this…
- CVE-2021-40128Nov 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in the account activation feature of Cisco Webex Meetings could allow an unauthenticated, remote attacker to send an account activation email with an activation link that points to an arbitrary domain. This vulnerability is due to insufficient validation of…
- CVE-2021-34743Oct 21, 2021risk 0.00cvss —epss 0.00
A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user's account without that user's express consent. This vulnerability is due to…
- CVE-2021-1544Jun 4, 2021risk 0.00cvss —epss 0.00
A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe logging of application actions. An attacker could exploit this vulnerability by…
- CVE-2021-1536Jun 4, 2021risk 0.00cvss —epss 0.00
A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.…
- CVE-2021-1527Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insufficient validation of…
- CVE-2021-1526Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF). An attacker…
- CVE-2021-1525Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit…
- CVE-2021-1517Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer…
- CVE-2021-1503Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording…
Page 2 of 4