Cisco Webex Bug Allows Remote Code Execution

2020-01-10 17:24

Cisco Systems has fixed two high-severity vulnerabilities in its products, including one in its popular Webex video conferencing platform that could enable a remote attacker to execute commands.

The high-severity Webex flaw exists in the web-based management interface of Cisco Webex Video Mesh, a feature that enables on-premises infrastructure for video conferencing, to enhance audio, video and content.

The vulnerability affects Cisco Webex Video Mesh Software releases earlier than 2019.09.19.1956m.

The networking giant on Wednesday also released fixes for another high-severity glitch in the web user interface of Cisco IOS and Cisco IOS XE Software.

The flaw, discovered by Mehmet Önder Key, affects Cisco devices that are running vulnerable releases of Cisco IOS or Cisco IOS XE Software earlier than 16.1.1 with the HTTP Server feature enabled.

News URL

https://threatpost.com/cisco-webex-bug-allows-remote-code-execution/151724/

#cisco #codeexecution #webex

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		4500	241	3143	1879	617	5880