Executive Summary

Summary
Title Cisco WebEx Browser Extension Remote Code Execution Vulnerability
Informations
Name cisco-sa-20170124-webex First vendor Publication 2017-01-24
Vendor Cisco Last vendor Modification 2017-01-22
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks.

Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex

BEGIN PGP SIGNATURE

iQIVAwUBWIeo6q89gD3EAJB5AQK3ow//aUWUWxVoRUzo9hxvdE0dquUjKAv7/suF XG8uxNPpZ9xfSs988E07Kt6uF5sJu4xl8YaqYWj0L79jxs4o8fUmmzyFInJMZhOd 8swAjuz6ihVTe+Nj6ahcxEoRRbkNYt77YZAg4m8ngM/5r+QSZRSw4nVpOvLqP9Wv KBjbDVhVMjJ+eGBOEJhfCD8fdXWVIe6RvP5jj7RjaCYWl9yrSFsfO1ccysoCInNk aXKbEwRXeVc3CJHqzg0GUXXnJLZ0jQv81bAGaieCt8eFTjbyK3zghHOxhFK+IUJl ol8ARSbrUpBL5/wSodhtHe9+IzUjiYIMnWiJBLrRWHSi4IXuN8PYOG9cTIaFVEGO QIf83/FDVe+Y5WdfvMwQDDOnQFe/X47GllPoiG4aPouuc7XcbbdZZxZm2kjsdhhz 85sh+VX8giL4u2OOqLSDlLuThqwMSt+1jeq7El/mm7LemNI2y69JUORthcQvOBXE JGiaOfJKc/hJIypyWFzB/eaCbv1cdcny6hAtDIXhyW6AgcNBoTYAIyRiowrgtzWB 3z9yAlFklWKqD6x1zHXEPn8HYSl97oaabXG1yq3quEMSufXT9YsAzElYPBLxUs3B B7z9mpLgdp+5/rdnpDla4ToNYYb/21f2WqDRHAS2FKPhvhAEwt8fBFiulWKBXQaz 3Fpq3hxXY4s= =dTTj END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Application 1
Application 1
Application 14
Application 36

SAINT Exploits

Description Link
WebEx browser extension command execution More info here

Snort® IPS/IDS

Date Description
2017-01-27 Cisco Webex explicit use of web plugin detected
RuleID : 41409-community - Revision : 6 - Type : POLICY-OTHER
2017-02-25 Cisco Webex explicit use of web plugin detected
RuleID : 41409 - Revision : 6 - Type : POLICY-OTHER
2017-02-25 Cisco WebEx extension command execution attempt
RuleID : 41408 - Revision : 3 - Type : BROWSER-OTHER
2017-02-25 Cisco WebEx extension command execution attempt
RuleID : 41407 - Revision : 3 - Type : BROWSER-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-01-31 Name : A browser extension installed on the remote host is affected by a remote code...
File : cisco_webex_extension_rce_firefox.nasl - Type : ACT_GATHER_INFO
2017-01-31 Name : A browser extension installed on the remote host is affected by a remote code...
File : cisco_webex_extension_rce_ie.nasl - Type : ACT_GATHER_INFO
2017-01-25 Name : A browser extension installed on the remote host is affected by a remote code...
File : cisco_webex_extension_rce.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2017-02-25 05:23:58
  • Multiple Updates
2017-02-01 17:25:56
  • Multiple Updates
2017-02-01 13:25:46
  • Multiple Updates
2017-01-26 13:24:35
  • Multiple Updates
2017-01-24 21:22:42
  • First insertion