QID 316976
Date Published: 2021-06-22
QID 316976: Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability(cisco-sa-webex-player-rCFDeVj2)
A vulnerability in Cisco Webex Network Recording Player for Windows and
MacOS and Cisco Webex Player for Windows and MacOS could
allow an attacker to execute arbitrary code on an affected system.
Affected Products
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows
releases earlier than Release
41.2. The players are available from Cisco Webex Meetings sites and Cisco Webex Meetings Server.
Note: Webex Meetings Server not supported. Support only for Windows OS
Potential QID as cannot differentiate between Player obtained from webex site or webex desktop app
QID Detection Logic (Authenticated):
The check matches for Cisco Webex Network Recording Player file version by reading the contents of "builder.ini" file on the target.
A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.
Customers are advised to refer to cisco-sa-webex-player-rCFDeVj2 for more information.
- cisco-sa-webex-player-rCFDeVj2 -
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-rCFDeVj2
CVEs related to QID 316976
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-webex-player-rCFDeVj2 |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-rCFDeVj2 |