Multiple Cisco WebEx Network Recording Players CVE-2018-0287 Remote Code Execution Vulnerability

Bugtraq ID:	104128
Class:	Design Error
CVE:	CVE-2018-0287
Remote:	Yes
Local:	No
Published:	May 02 2018 12:00AM
Updated:	May 02 2018 12:00AM
Credit:	Kushal Arvind Shah of Fortinet�??s FortiGuard Labs
Vulnerable:	Cisco WebEx Meetings Server T30 Cisco WebEx Business Suite 0 Cisco WebEx ARF Player 0
Not Vulnerable:	Cisco WebEx Meetings Server 2.8.1.2039

Multiple Cisco WebEx Network Recording Players CVE-2018-0287 Remote Code Execution Vulnerability

Multiple Cisco WebEx Network Recording Players are prone to a remote code-execution vulnerability.

Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application.

This issue is being tracked by Cisco Bug IDs CSCvh70213, CSCvh70222, and CSCvh70228.

Multiple Cisco WebEx Network Recording Players CVE-2018-0287 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Multiple Cisco WebEx Network Recording Players CVE-2018-0287 Remote Code Execution Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability (Cisco)