Vulnerabilities > Cisco > Webex Meetings Server

DATE CVE VULNERABILITY TITLE RISK
2021-12-10 CVE-2021-44228 Deserialization of Untrusted Data vulnerability in multiple products
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
10.0
2021-06-04 CVE-2021-1502 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system.
local
low complexity
cisco CWE-119
7.8
2021-06-04 CVE-2021-1503 Out-of-bounds Write vulnerability in Cisco Webex Meetings Server and Webex Player
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system.
local
low complexity
cisco CWE-787
7.8
2021-06-04 CVE-2021-1517 Protection Mechanism Failure vulnerability in Cisco Webex Meetings Server
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections.
network
low complexity
cisco CWE-693
4.3
2021-06-04 CVE-2021-1525 Open Redirect vulnerability in Cisco Webex Meetings Server
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file.
network
low complexity
cisco CWE-601
6.1
2021-06-04 CVE-2021-1536 Uncontrolled Search Path Element vulnerability in Cisco products
A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.
local
low complexity
cisco CWE-427
7.8
2021-02-17 CVE-2021-1372 Exposure of Sensitive Data Through Data Queries vulnerability in Cisco Webex Meetings Server
A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system.
local
low complexity
cisco CWE-202
5.5
2021-02-04 CVE-2021-1221 Injection vulnerability in Cisco Webex Meetings Server
A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email.
network
low complexity
cisco CWE-74
4.1
2021-01-13 CVE-2021-1311 Improper Restriction of Excessive Authentication Attempts vulnerability in Cisco Webex Meetings and Webex Meetings Server
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting.
network
low complexity
cisco CWE-307
5.4
2020-11-18 CVE-2020-3471 Improper Synchronization vulnerability in Cisco Webex Meetings Server
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session.
network
low complexity
cisco CWE-662
6.5