CVE-2024-20396

Name of the Vulnerable Software and Affected Versions: Cisco Webex App (affected versions not specified)

Description: A vulnerability in the protocol handlers of the application could allow an unauthenticated, remote attacker to gain access to sensitive information. This issue exists because the application does not safely handle file protocol handlers. An attacker could exploit this by persuading a user to follow a specially crafted link, causing the application to send requests. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture sensitive information, including credential information, from the requests.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.