CVE-2020-3126

Name of the Vulnerable Software and Affected Versions Cisco Webex Meetings Server (affected versions not specified)

Description The issue is related to insufficient access control in the multimedia content viewing function of the software. This could allow a remote attacker to gain unauthorized access to protected information. The vulnerability is due to missing security warning dialog boxes when a room host views shared multimedia files. An authenticated, remote attacker could exploit this by sharing files within the Multimedia sharing feature and convincing a former room host to view the file, potentially leading to additional attacks by including malicious files within the targeted room host's browser window.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.