PT-2020-4957 · Cisco · Cisco Webex Meetings Server+1

Published

2020-11-18

Updated

2021-08-06

CVE-2020-3441

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco Webex Meetings and Cisco Webex Meetings Server (affected versions not specified)

Description A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. This issue is due to insufficient protection of sensitive participant information. An attacker could exploit this vulnerability by browsing the Webex roster, allowing them to gather information about other Webex participants, such as email address and IP address, while waiting in the lobby.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2020-05532

CVE-2020-3441

Affected Products

Cisco Webex Meetings

Cisco Webex Meetings Server

PT-2020-4957 · Cisco · Cisco Webex Meetings Server+1

CVE-2020-3441

Weakness Enumeration

Related Identifiers

Affected Products

References · 5