Cisco WebEx Meetings Multiple Vulnerabilities
Last Update Date:
19 Nov 2020 10:42
Release Date:
19 Nov 2020
5217
Views
RISK: Medium Risk
TYPE: Clients - Im, Chat & Voip
Multiple vulnerabilities were identified in Cisco Webex Meetings, Cisco Webex Meetings API and Cisco Webex Meetings Server, a remote user could exploit some of these vulnerabilities to trigger disclose sensitive information, cross-site scripting and bypass security restriction on the targeted system.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Cisco WebEx Meetings API (Please refer to related links)
- Cisco WebEx Meetings Server (Please refer to related links)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-auth-token-3vg57A5r
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-infodisc-4tvQzn4
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-info-leak-PhpzB3sG
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-xss-MX56prER
Vulnerability Identifier
Source
Related Link
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-auth-token-3vg57A5r
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-infodisc-4tvQzn4
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-info-leak-PhpzB3sG
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-xss-MX56prER
- http://www.auscert.org.au/bulletins/ESB-2020.4095/
- http://www.auscert.org.au/bulletins/ESB-2020.4097/
Share with