CVE-2020-3472

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings (affected versions not specified)

Description: A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The issue is due to improper access restrictions on users who are added within user contacts. An attacker could exploit this by sending specially crafted requests to the Webex Meetings site, potentially allowing them to view the details of users on another Webex site, including user names and email addresses.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.