PT-2018-13020 · Cisco+1 · Cisco Webex Network Recording Player+2
Publicado
2018-09-21
·
Atualizado
2019-10-09
·
CVE-2018-15414
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Webex Network Recording Player for Microsoft Windows (affected versions not specified)
Cisco Webex Player for Microsoft Windows (affected versions not specified)
Description
A vulnerability exists due to improper validation of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files, allowing an attacker to execute arbitrary code on an affected system. An attacker could exploit this by sending a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file using the affected software.
Recommendations
For Cisco Webex Network Recording Player for Microsoft Windows, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Cisco Webex Player for Microsoft Windows, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Webex Network Recording Player
Cisco Webex Player
Windows