Unauthenticated meeting Join Vulnerability in Cisco Webex
Unauthenticated meeting Join Vulnerability Cisco Webex Meetings Suite
Software Affected
• Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online site releases prior to 39.11.5 and 40.1.3.
Overview
The vulnerability has been reported in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites which could allow an
unauthenticated remote attacker to join a password-protected meeting without providing the meeting password.
Description
Cisco Webex Meetings Suite and Cisco Webex Meetings Online Unauthenticated Meeting Join Vulnerability ( CVE-
2020-3142 )
A vulnerability exists in Cisco Webex Meetings Suite and Cisco Webex Meetings Online sites due to unintended meeting
information exposure in a specific meeting joins flow for mobile applications that could allow the attacker to join a password-protected meeting without providing the meeting password. An attacker could exploit this vulnerability by accessing a known
meeting ID or meeting URL from the mobile device Successful exploitation of this vulnerability could allow an unauthorized
attendee to join the password-protected meeting.
Software Affected
• Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online site releases prior to 39.11.5 and 40.1.3.
Overview
The vulnerability has been reported in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites which could allow an
unauthenticated remote attacker to join a password-protected meeting without providing the meeting password.
Description
Cisco Webex Meetings Suite and Cisco Webex Meetings Online Unauthenticated Meeting Join Vulnerability ( CVE-
2020-3142 )
A vulnerability exists in Cisco Webex Meetings Suite and Cisco Webex Meetings Online sites due to unintended meeting
information exposure in a specific meeting joins flow for mobile applications that could allow the attacker to join a password-protected meeting without providing the meeting password. An attacker could exploit this vulnerability by accessing a known
meeting ID or meeting URL from the mobile device Successful exploitation of this vulnerability could allow an unauthorized
attendee to join the password-protected meeting.
Comments
Post a Comment