It's caused due to improper validation of URL paths in the application interface. Again, this is caused due to insufficient validation of values within Webex recording files formatted as Advanced Recording Format (ARF) or Webex Recording Format (WRF).Ĭisco Webex Meetings and Cisco Webex Meetings Server contain a vulnerability that allows an unauthenticated and remote attacker to redirect users to a malicious file. CVE-2021-1502Ī vulnerability within Cisco Webex Network Recording Player and Cisco Webex player allow an attacker to execute arbitrary code on your system. Due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF), an attacker could send a malicious WRF file to the user. CVE-2021-1526Ī memory corruption vulnerability within the Cisco Webex Player could allow an attacker to execute arbitrary code on your affected system. It's caused due to insufficient validation of values in Webex recording files that are in the following formats: Advanced Recording Format (ARF) or Webex Recording Format (WRF). It could allow to execute arbitrary code by the attacker. This vulnerability exists in the Cisco Webex Network Recording Player and the Cisco Webex Player. ⚡ TL DR | Go Straight to the Cisco Webex Player Vulnerability Report. We advise you to run our custom coded report to fix these high severity flaws.
If these Cisco Webex Player vulnerabilities aren't patched, an attacker could take control of the affected system. Cisco released security updates to fix vulnerabilities for some of their products.
0 kommentar(er)
