Severity Rating: MEDIUM

Software Affected

Cisco Webex Meetings releases prior to Release 40.6.0
Cisco Webex Meetings Server releases prior to Release 4.0 MR3
Overview

A vulnerability has been reported in web pages of Cisco Webex Meetings and
Cisco Webex Meetings Server which could allow an unauthenticated, remote
attacker to conduct HTML Injection.

Description

A vulnerability exists in certain web pages of Cisco Webex Meetings and
Cisco Webex Meetings Server due to improper checks on parameter values
within affected pages. An attacker could exploit this vulnerability by
persuading a user to follow a specially crafted link. 

Successful exploitation of this vulnerability could allow the remote
attacker to alter the contents of a web page or conduct client-side
attacks.

Solution

Apply appropriate security updates as mentioned in 
- -sa-webex-html-BJ4Y9tX


Vendor Information

CISCO
- -sa-webex-html-BJ4Y9tX

References

CISCO
- -sa-webex-html-BJ4Y9tX

CVE Name
CVE-2020-3345

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Related Posts

© Copyright 2020. Designed By Templateify

© Copyright 2020. Ud64

Scroll to Top