Vulnslist

find the latest Cisco vulnerabilities

Cisco Webex Centers Denial of Service Vulnerability

cisco-sa-20200108-webex-centers-dos · Medium · Published · Updated

A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of UCF media files. An attacker could exploit this vulnerability by sending a user a malicious UCF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit would cause the application to quit unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-webex-centers-dos

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2020-3116
Cisco Bug IDsCSCvr16379, CSCvr16383, CSCvr16386
CVSS ScoreBase 5.5
Base 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco WebEx Event Center, Cisco WebEx Meeting Center, Cisco WebEx Support Center, Cisco WebEx Training Center

Related Products

Product CVE Evidence
Cisco WebEx Training Center CVE-2020-3116 Cisco OpenVuln
Cisco WebEx Support Center CVE-2020-3116 Cisco OpenVuln
Cisco WebEx Meeting Center CVE-2020-3116 Cisco OpenVuln
Cisco WebEx Event Center CVE-2020-3116 Cisco OpenVuln