Multiple vulnerabilities in multiple Cisco Webex products
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2019-15283 CVE-2019-15284 CVE-2019-15285 CVE-2019-15286 CVE-2019-15287 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco Webex Meetings Online Server applications / Conferencing, Collaboration and VoIP solutions Cisco WebEx Meetings Server Server applications / Conferencing, Collaboration and VoIP solutions Cisco Webex Meetings sites Server applications / Conferencing, Collaboration and VoIP solutions Cisco Webex Player Client/Desktop applications / Multimedia software Cisco WebEx Network Recording Player Client/Desktop applications / Multimedia software |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU22604
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15283
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). A remote attacker can send a specially crafted ARF or WRF file through a link or email attachment, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco Webex Meetings Online: before 1.3.44
Cisco Webex Player: All versions
Cisco WebEx Meetings Server: 3.0MR2 - 4.0
Cisco WebEx Network Recording Player: All versions
Cisco Webex Meetings sites: before 39.8.0
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-webex-player
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU22605
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15284
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). A remote attacker can send a specially crafted ARF or WRF file through a link or email attachment, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco Webex Player: All versions
Cisco WebEx Network Recording Player: All versions
Cisco WebEx Meetings Server: 3.0MR2 - 4.0
Cisco Webex Meetings Online: before 1.3.44
Cisco Webex Meetings sites: before 39.8.0
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-webex-player
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU22606
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15285
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). A remote attacker can send a specially crafted ARF or WRF file through a link or email attachment, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WebEx Meetings Server: 3.0MR2 - 4.0
Cisco Webex Meetings Online: before 1.3.44
Cisco Webex Meetings sites: before 39.8.0
Cisco Webex Player: All versions
Cisco WebEx Network Recording Player: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-webex-player
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU22607
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15286
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). A remote attacker can send a specially crafted ARF or WRF file through a link or email attachment, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WebEx Meetings Server: 3.0MR2 - 4.0
Cisco Webex Meetings Online: before 1.3.44
Cisco Webex Meetings sites: before 39.8.0
Cisco Webex Player: All versions
Cisco WebEx Network Recording Player: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-webex-player
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU22608
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15287
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). A remote attacker can send a specially crafted ARF or WRF file through a link or email attachment, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco WebEx Meetings Server: 3.0MR2 - 4.0
Cisco Webex Meetings Online: before 1.3.44
Cisco Webex Meetings sites: before 39.8.0
Cisco Webex Player: All versions
Cisco WebEx Network Recording Player: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-webex-player
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
