Vulnslist

find the latest Cisco vulnerabilities

Cisco Webex Teams Remote Code Execution Vulnerability

cisco-sa-20180718-webex-teams-rce · Medium · Published · Updated

A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to execute arbitrary code on the user’s device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user’s system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-teams-rce

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2018-0387
Cisco Bug IDsCSCvh66250
CVSS ScoreBase 6.3
Base 6.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco Webex Teams, Cisco Webex App

Related Products

Product CVE Evidence
Cisco Webex Teams CVE-2018-0387 Cisco OpenVuln
Cisco Webex App CVE-2018-0387 Cisco OpenVuln