Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
BID:106718
CVE-2019-1636 |Info
Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
| Bugtraq ID: | 106718 |
| Class: | Input Validation Error |
| CVE: |
CVE-2019-1636 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 23 2019 12:00AM |
| Updated: | Jan 23 2019 12:00AM |
| Credit: | rgod of 9sg Security Team, working with Trend Micro's Zero Day Initiative |
| Vulnerable: |
Cisco Webex Teams 2.0 |
| Not Vulnerable: |
Cisco Webex Teams 3.0.10260 |
Discussion
Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
Cisco Webex Teams is prone to a local untrusted search path vulnerability.
A local attacker can exploit this issue to execute arbitrary code on the targeted system.
This issue being tracked by Cisco Bug ID CSCvm25955.
Versions prior to Cisco Webex Teams 3.0.10260 are vulnerable.
Cisco Webex Teams is prone to a local untrusted search path vulnerability.
A local attacker can exploit this issue to execute arbitrary code on the targeted system.
This issue being tracked by Cisco Bug ID CSCvm25955.
Versions prior to Cisco Webex Teams 3.0.10260 are vulnerable.
Exploit / POC
Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Cisco Webex Teams CVE-2019-1636 Local Untrusted Search Path vulnerability
References:
References: