Vulnslist

find the latest Cisco vulnerabilities

Cisco WebEx Advanced Recording Format Remote Code Execution Vulnerability

cisco-sa-20180502-war · Critical · Published · Updated

A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or open the file. Successful exploitation could allow the attacker to execute arbitrary code on the user’s system. The Cisco WebEx players are applications that are used to play back WebEx meeting recordings that have been recorded by an online meeting attendee. The player can be installed automatically when a user accesses a recording file that is hosted on a WebEx server. Cisco has updated affected versions of Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and the Cisco WebEx ARF Player to address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-war

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability. However, it is possible to remove all WebEx software completely from a system by using the Meeting Services Removal Tool (for Microsoft Windows users) or the Mac WebEx Meeting Application Uninstaller (for Apple Mac OS X users), both of which are available for download from the Cisco Collaboration Help article at https://collaborationhelp.cisco.com/article/en-us/WBX000026396 ["https://collaborationhelp.cisco.com/article/en-us/WBX000026396"].

Removal of Cisco WebEx software from a Linux or UNIX-based system can be accomplished by following the steps in the Cisco Collaboration Help article at https://collaborationhelp.cisco.com/article/en-us/WBX28548 ["https://collaborationhelp.cisco.com/article/en-us/WBX28548"].

Complete removal of the Cisco WebEx software will no longer allow WebEx functionality unless the software is reinstalled prior to attending a meeting or watching a recording.

CVEsCVE-2018-0264
Cisco Bug IDsCSCvh85410, CSCvh85442, CSCvh85430, CSCvh85457, CSCvh85440, CSCvh85453
CVSS ScoreBase 9.6
Base 9.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco WebEx ARF Player, Cisco WebEx Meetings Server, Cisco Webex Meetings

Related Products

Product CVE Evidence
Cisco Webex Network Recording Player CVE-2018-0264 Cisco OpenVuln
Cisco Webex Meetings CVE-2018-0264 Cisco OpenVuln
Cisco WebEx Meetings Server CVE-2018-0264 Cisco OpenVuln
Cisco WebEx ARF Player CVE-2018-0264 Cisco OpenVuln