Vulnslist


Cisco WebEx Browser Extension Remote Code Execution Vulnerability

cisco-sa-20170124-webex · Critical · Published · Updated

A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is due to a design defect in an application programming interface (API) response parser within the plugin. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. Cisco has released software updates for Google Chrome, Firefox, and Internet Explorer that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex

Workarounds

There are no workarounds that address this vulnerability. However, administrators and users of Windows 10 systems may utilize Microsoft Edge to join and participate in WebEx sessions, as Microsoft Edge is not affected by this vulnerability. Additionally, administrators and users can remove all WebEx software from a Windows system by using the Meeting Services Removal Tool, which is available from https://help.webex.com/docs/DOC-2672.

Customers who currently have web proxies or web gateways in their environment can create a URL filtering policy to block web requests matching the following condition:

URL requests containing the string pattern "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html"
and
URL hostname not matching the known customer's WebEx site URL (e.g. company.webex.com in https://company.webex.com/cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html)
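The two-part condition above (marker string present AND hostname not one of the customer's own WebEx sites) is easy to get subtly wrong if it is implemented as a plain substring check on the whole URL, because a hostname such as company.webex.com can appear inside an unrelated URL (as a subdomain prefix or in the userinfo part). The following is an added example, not code from Cisco or from Vulnslist, showing the policy evaluated over constructed proxy log lines with the hostname extracted from the parsed URL. The known-site set, the log format, and the function names are assumptions for illustration; the marker string is the one quoted in the advisory.

```python
from urllib.parse import urlparse

# Marker string quoted in the advisory's workaround section.
WEBEX_IFRAME_MARKER = (
    "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html"
)

# Assumption: the customer's own WebEx site hostnames. company.webex.com is the
# advisory's example; a real deployment would list its actual site(s) here.
KNOWN_WEBEX_SITES = {"company.webex.com"}


def should_block(url: str, known_sites=KNOWN_WEBEX_SITES) -> bool:
    """Return True if the request matches the advisory's blocking condition.

    Condition 1: the URL contains the WebEx native-messaging iframe marker.
    Condition 2: the URL's hostname is not one of the known WebEx sites.
    The hostname is taken from the parsed URL, so 'company.webex.com@evil.example'
    or 'company.webex.com.evil.example' do not count as the known site.
    """
    if WEBEX_IFRAME_MARKER not in url:
        return False
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    allowed = {site.lower().rstrip(".") for site in known_sites}
    return host not in allowed


def filter_log(lines, known_sites=KNOWN_WEBEX_SITES):
    """Apply the rule to proxy log lines of the form '<client-ip> <url>'.

    Returns the (client, url) pairs that the policy would block. Lines that do
    not have at least two whitespace-separated fields are skipped.
    """
    blocked = []
    for line in lines:
        parts = line.split()
        if len(parts) < 2:
            continue
        client, url = parts[0], parts[1]
        if should_block(url, known_sites):
            blocked.append((client, url))
    return blocked


# Constructed sample proxy log lines (hypothetical clients and hosts).
SAMPLE_PROXY_LOG = [
    # Legitimate: marker present, hostname is the customer's own site.
    "10.0.0.5 https://company.webex.com/" + WEBEX_IFRAME_MARKER,
    # Marker present on an unrelated host: block.
    "10.0.0.6 https://evil.example/" + WEBEX_IFRAME_MARKER,
    # Known site name used as a subdomain prefix of another domain: block.
    "10.0.0.7 https://company.webex.com.evil.example/" + WEBEX_IFRAME_MARKER,
    # Known site name placed in the userinfo part; real host is evil.example: block.
    "10.0.0.8 https://company.webex.com@evil.example/" + WEBEX_IFRAME_MARKER,
    # No marker at all: the rule does not apply.
    "10.0.0.9 https://evil.example/index.html",
    # Malformed line, skipped by the parser.
    "garbage",
]

if __name__ == "__main__":
    for client, url in filter_log(SAMPLE_PROXY_LOG):
        print(f"BLOCK {client} {url}")
```

The rule is only as selective as the known-site list: every WebEx site the organization legitimately uses must be listed, or genuine meeting traffic will be blocked. Matching the marker against the whole URL string (rather than only the path) follows the advisory's wording, "URL requests containing the string pattern".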

CVEs: CVE-2017-3823
Cisco Bug IDs: CSCvc86959, CSCvc88194, CSCvc88535, CSCvc95034, CSCvc95037, CSCvc95044
CVSS Score: Base 8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X)
Product Names From Source: Cisco WebEx Meeting Center, Cisco WebEx Meetings Server

Related Products

Product                        CVE            Evidence
Cisco Webex Meetings           CVE-2017-3823  Cisco OpenVuln
Cisco WebEx Meetings Server    CVE-2017-3823  Cisco OpenVuln
Cisco WebEx Meeting Center     CVE-2017-3823  Cisco OpenVuln