J.R. Rao

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings and Cisco Webex Meetings Server (affected versions not specified) Description: The issue is related to improper access control in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server. This could allow a remote attacker to gain unauthorized access to protected information. An attacker could exploit this by sending crafted requests to a vulnerable site, potentially joining Webex sessions without appearing on the participant list and gaining full access to audio, video, chat, and screen sharing capabilities. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Webex Meetings and Cisco Webex Meetings Server (affected versions not specified) **Description** The issue is related to insufficient input validation, allowing a remote attacker to gain unauthorized access to protected information. It is also due to a synchronization issue between meeting and media services on a vulnerable Webex site. An attacker could exploit this by sending crafted requests to a vulnerable site, potentially maintaining bidirectional audio despite being expelled from an active Webex session. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.