CVE-2022-20863

CWE-4504 documents4 sources
Severity
5.3MEDIUM
EPSS
0.4%
top 40.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Webex TeamsCisco Cisco Webex Meetings Desktop APP
Timeline
PublishedSep 8
Latest updateSep 9

Description

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character rendering. An attacker could exploit this vulnerability by sending messages within the application interface. A successful exploit could allow the attacker to modify the display of links or other content wit…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

â–¶NVDcisco/webex_teams< 42.7

🔴Vulnerability Details

2
GHSA
GHSA-hh7x-5f4p-r457: A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate lin↗2022-09-09
â–¶
CVEList
Cisco Webex Meetings App Character Interface Manipulation Vulnerability↗2022-09-08
â–¶

📋Vendor Advisories

1
Cisco
Cisco Webex Meetings App Character Interface Manipulation Vulnerability↗2022-09-07
â–¶
CVE-2022-20863 (MEDIUM CVSS 5.3) | A vulnerability in the messaging in | cvebase.io