Webex Meetings
CVEs (75)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1502 | 0.00 | — | 0.01 | Jun 4, 2021 | A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex… | |||
| CVE-2021-1467 | 0.00 | — | 0.01 | Apr 8, 2021 | A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the… | |||
| CVE-2021-1420 | 0.00 | — | 0.01 | Apr 8, 2021 | A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this… | |||
| CVE-2021-1351 | 0.00 | — | 0.01 | Feb 17, 2021 | A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient… | |||
| CVE-2021-1372 | 0.00 | — | 0.00 | Feb 17, 2021 | A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected… | |||
| CVE-2021-1221 | 0.00 | — | 0.01 | Feb 4, 2021 | A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. The vulnerability is due to insufficient input validation. An attacker… | |||
| CVE-2021-1310 | 0.00 | — | 0.02 | Jan 13, 2021 | A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is… | |||
| CVE-2021-1311 | 0.00 | — | 0.01 | Jan 13, 2021 | A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host… | |||
| CVE-2020-3471 | 0.00 | — | 0.02 | Nov 18, 2020 | A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. The vulnerability is due to a synchronization issue between meeting and… | |||
| CVE-2020-3441 | 0.00 | — | 0.02 | Nov 18, 2020 | A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. This vulnerability is due to insufficient protection of sensitive participant information. An… | |||
| CVE-2020-3419 | 0.00 | — | 0.02 | Nov 18, 2020 | A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable… | |||
| CVE-2020-27126 | 0.00 | — | 0.01 | Nov 18, 2020 | A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supplied input to an application programmatic interface (API) within Cisco Webex… | |||
| CVE-2020-3588 | 0.00 | — | 0.00 | Nov 6, 2020 | A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual… | |||
| CVE-2020-3541 | 0.00 | — | 0.00 | Sep 4, 2020 | A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information. The vulnerability is… | |||
| CVE-2020-3542 | 0.00 | — | 0.01 | Sep 4, 2020 | A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An… | |||
| CVE-2020-3440 | 0.00 | — | 0.03 | Aug 26, 2020 | A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected… | |||
| CVE-2020-3412 | 0.00 | — | 0.01 | Aug 17, 2020 | A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization… | |||
| CVE-2020-3413 | 0.00 | — | 0.01 | Aug 17, 2020 | A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization… | |||
| CVE-2020-3463 | 0.00 | — | 0.01 | Aug 17, 2020 | A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to… | |||
| CVE-2020-3472 | 0.00 | — | 0.01 | Aug 17, 2020 | A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An… |
- CVE-2021-1502Jun 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex…
- CVE-2021-1467Apr 8, 2021risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the…
- CVE-2021-1420Apr 8, 2021risk 0.00cvss —epss 0.01
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this…
- CVE-2021-1351Feb 17, 2021risk 0.00cvss —epss 0.01
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient…
- CVE-2021-1372Feb 17, 2021risk 0.00cvss —epss 0.00
A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of shared memory by the affected…
- CVE-2021-1221Feb 4, 2021risk 0.00cvss —epss 0.01
A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. The vulnerability is due to insufficient input validation. An attacker…
- CVE-2021-1310Jan 13, 2021risk 0.00cvss —epss 0.02
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is…
- CVE-2021-1311Jan 13, 2021risk 0.00cvss —epss 0.01
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host…
- CVE-2020-3471Nov 18, 2020risk 0.00cvss —epss 0.02
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. The vulnerability is due to a synchronization issue between meeting and…
- CVE-2020-3441Nov 18, 2020risk 0.00cvss —epss 0.02
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. This vulnerability is due to insufficient protection of sensitive participant information. An…
- CVE-2020-3419Nov 18, 2020risk 0.00cvss —epss 0.02
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable…
- CVE-2020-27126Nov 18, 2020risk 0.00cvss —epss 0.01
A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supplied input to an application programmatic interface (API) within Cisco Webex…
- CVE-2020-3588Nov 6, 2020risk 0.00cvss —epss 0.00
A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual…
- CVE-2020-3541Sep 4, 2020risk 0.00cvss —epss 0.00
A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information. The vulnerability is…
- CVE-2020-3542Sep 4, 2020risk 0.00cvss —epss 0.01
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An…
- CVE-2020-3440Aug 26, 2020risk 0.00cvss —epss 0.03
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected…
- CVE-2020-3412Aug 17, 2020risk 0.00cvss —epss 0.01
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization…
- CVE-2020-3413Aug 17, 2020risk 0.00cvss —epss 0.01
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization…
- CVE-2020-3463Aug 17, 2020risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to…
- CVE-2020-3472Aug 17, 2020risk 0.00cvss —epss 0.01
A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An…
Page 3 of 4