CVE-2021-1517

CWE-6934 documents4 sources

Severity

4.3MEDIUM

EPSS

0.2%

top 60.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Webex Meetings Server Cisco Cisco Webex Meetings Server Cisco Webex Meetings Online

Timeline

PublishedJun 4

Latest updateMay 24

Description

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker could exploit this vulnerability by sharing a file through the multimedia viewer feature. A successful exploit could allow the attacker to bypass security protections and prevent warning dialogs from appe…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages3 packages

▶NVDcisco/webex_meetings_server< 3.0+2

▶CVEListV5cisco/cisco_webex_meetings_servern/a

▶NVDcisco/webex_meetings_online41.3.5

🔴Vulnerability Details

GHSA

GHSA-6464-c84h-p8px: A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker↗2022-05-24

▶

CVEList

Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability↗2021-06-04

▶

📋Vendor Advisories

Cisco

Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability↗2021-06-02

▶