Vulnerabilities > CVE-2022-20863 - Unspecified vulnerability in Cisco Webex Teams

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

cisco

NVD

Published: 2022-09-08

Updated: 2023-11-07

Summary

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character rendering. An attacker could exploit this vulnerability by sending messages within the application interface. A successful exploit could allow the attacker to modify the display of links or other content within the interface, potentially allowing the attacker to conduct phishing or spoofing attacks.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Webex Teams - Cisco Webex Teams 3.0.4533 Cisco Webex Teams 3.0.12427.0 Cisco Webex Teams 3.0.12808.0 Cisco Webex Teams 3.0.13131 Cisco Webex Teams 3.0.14234 Cisco Webex Teams 3.0.14741.0 Cisco Webex Teams 3.0.14866.0 Cisco Webex Teams 3.0.15015.0 Cisco Webex Teams 3.0.15036.0 Cisco Webex Teams 3.0.15092.0 Cisco Webex Teams 3.0.15131.0 Cisco Webex Teams 3.0.15164.0 Cisco Webex Teams 3.0.15221.0 Cisco Webex Teams 3.0.15333.0 Cisco Webex Teams 3.0.15410.0 Cisco Webex Teams 3.0.15485.0 Cisco Webex Teams 3.0.15645.0 Cisco Webex Teams 3.0.15711.0 Cisco Webex Teams 3.0.16040.0 Cisco Webex Teams 3.0.16285.0 Cisco Webex Teams 3.0.16605.0 Cisco Webex Teams 3.13.26920 Cisco Webex Teams 40.12.0.17293	25

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-qrtO6YC2