It's caused by unsafe logging of application actions.
#Cisco webex client mac software#
There is a vulnerability in logging mechanisms of Cisco Webex Meetings client software which allows an authenticated, local attacker to gain access to important information. This can happen because of incorrect handling of directory paths at run time. CVE-2021-1536Ĭisco Webex Meetings Desketop App, Cisco Webex Meetings Server, Cisco Webex Network Recording Player and Cisco Webex Teams contain a vulnerability that allow an authenticated, local attacker to perform a DLL injection attack on your device. This is caused due to unsafe handling of shared content within the viewer feature. CVE-2021-1517Ī vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server allows an authenticated, remote attacker to bypass security protections.
Insufficient validation of values in Webex recording files that are saved in Webex Recording Format (WRF). There is a vulnerability in Cisco Webex Player which allows an attacker to cause the affected software to shut down or to gain access to memory stat information that is linked to the vulnerable app. It's caused due to improper validation of URL paths in the application interface. Again, this is caused due to insufficient validation of values within Webex recording files formatted as Advanced Recording Format (ARF) or Webex Recording Format (WRF).Ĭisco Webex Meetings and Cisco Webex Meetings Server contain a vulnerability that allows an unauthenticated and remote attacker to redirect users to a malicious file.
#Cisco webex client mac code#
CVE-2021-1502Ī vulnerability within Cisco Webex Network Recording Player and Cisco Webex player allow an attacker to execute arbitrary code on your system. Due to insufficient validation of values in Webex recording files that are in Webex Recording Format (WRF), an attacker could send a malicious WRF file to the user.
CVE-2021-1526Ī memory corruption vulnerability within the Cisco Webex Player could allow an attacker to execute arbitrary code on your affected system. It's caused due to insufficient validation of values in Webex recording files that are in the following formats: Advanced Recording Format (ARF) or Webex Recording Format (WRF). It could allow to execute arbitrary code by the attacker. This vulnerability exists in the Cisco Webex Network Recording Player and the Cisco Webex Player. ⚡ TL DR | Go Straight to the Cisco Webex Player Vulnerability Report. We advise you to run our custom coded report to fix these high severity flaws. If these Cisco Webex Player vulnerabilities aren't patched, an attacker could take control of the affected system. Cisco released security updates to fix vulnerabilities for some of their products.
0 kommentar(er)
