Home Unlabelled Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities

Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities

By
Wednesday, September 19, 2018
Read
Add Comment

Multiple vulnerabilities in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerabilities are due to improper validation of Webex recording files. An attacker could exploit this vulnerability by sending a user a link or email attachment containing a malicious file and persuading the user to open the file in the Cisco Webex Player. A successful exploit could allow the attacker to execute arbitrary code on an affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180919-webex


Security Impact Rating: High
CVE: CVE-2018-15414,CVE-2018-15421,CVE-2018-15422

from Cisco Security Advisory https://ift.tt/2Nnh5p3
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us