PT-2018-8800 · Cisco · Cisco Webex Network Recording Player

Published

2018-07-18

Updated

2019-10-09

CVE-2018-0379

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco Webex Network Recording Player (affected versions not specified)

Description The issue allows for arbitrary code execution on a targeted user's system. An attacker could exploit this by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2018-0379

ZDI-18-967

ZDI-18-968

ZDI-18-969

ZDI-18-970

ZDI-18-971

ZDI-18-972

ZDI-18-973

ZDI-18-974

ZDI-18-975

ZDI-18-976

ZDI-18-977

ZDI-18-978

Affected Products

Cisco Webex Network Recording Player

PT-2018-8800 · Cisco · Cisco Webex Network Recording Player

CVE-2018-0379

Weakness Enumeration

Related Identifiers

Affected Products

References · 17