Main Vulnerability Database Vulnerabilities #VU25779

#VU25779 Information disclosure in Cisco Webex Meetings Client for MacOS - CVE-2020-3182

Published: March 5, 2020

Vulnerability identifier: #VU25779

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-3182

CWE-ID: CWE-200

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Cisco Webex Meetings Client for MacOS

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because sensitive information is included in the multicast DNS (mDNS) protocol reply. A remote attacker on the local network can do an mDNS query for a particular service against an affected device and gain unauthorized access to sensitive information on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-info-disc-OHqg982

#VU25779 Information disclosure in Cisco Webex Meetings Client for MacOS - CVE-2020-3182

Description

Remediation

External links

Please verify you're human