Security News > 2020 > January > Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings

Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
2020-01-24 19:27

UPDATE. Cisco Systems has fixed a high-severity vulnerability in its popular Webex video conferencing platform, which could let strangers barge in on password-protected meetings - no authentication necessary.

"The vulnerability is due to unintended meeting information exposure in a specific meeting join flow for mobile applications," Cisco said.

Affected are Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites for versions earlier than 39.11.5 and 40.1.3.

Cisco fixed this vulnerability in versions 39.11.5 and later and 40.1.3 and later for Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites.

Logging in to the Cisco Webex Meetings Suite site or Cisco Webex Meetings Online site and navigating to Downloads on the left side of the page.


News URL

https://threatpost.com/cisco-webex-flaw-lets-unauthenticated-users-join-private-online-meetings/152191/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751