Cisco Webex Meetings 39.7.4
Approved changes feed: RSS · Atom
cpe:2.3:a:cisco:webex_meetings:39.7.4:*:*:*:*:*:*:*
part: a version: 39.7.4 update: *
| Vendor | Cisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5) |
|---|---|
| Product | Webex Meetings (22f71071-0dec-5826-b077-746d53990044) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-20180 |
vulnerable | 2026-06-03 14:48:59.737824 |
Details available
MEDIUM (4.3)
A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions.
Published: 2023-07-07T19:47:26.261Z
Updated: 2024-08-02T09:05:35.326Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-20133 |
vulnerable | 2026-06-03 14:48:59.191555 |
Details available
MEDIUM (5.4)
A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Published: 2023-07-07T19:47:01.683Z
Updated: 2024-10-23T20:26:09.652Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-20654 |
vulnerable | 2026-06-03 14:46:06.544094 |
Cisco Webex Meetings Cross-Site Scripting Vulnerability
MEDIUM (6.1)
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Published: 2024-11-15T16:02:24.793Z
Updated: 2024-11-15T16:26:41.047Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-1410 |
vulnerable | 2026-06-03 14:43:28.963906 |
Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
MEDIUM (4.3)
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization.
The vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Published: 2024-11-18T15:38:58.195Z
Updated: 2024-11-18T15:58:01.907Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-3502 |
vulnerable | 2026-06-03 14:42:45.748141 |
Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities
MEDIUM (4.1)
Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web site. An attacker with a valid Webex account could exploit these vulnerabilities by persuading a user to follow a URL that is designed to return malicious path parameters to the affected software. A successful exploit could allow the attacker to obtain restricted information from other Webex users.
Published: 2020-08-17T18:00:17.457Z
Updated: 2024-11-13T18:16:35.816Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-3501 |
vulnerable | 2026-06-03 14:42:45.747300 |
Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities
MEDIUM (4.1)
Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web site. An attacker with a valid Webex account could exploit these vulnerabilities by persuading a user to follow a URL that is designed to return malicious path parameters to the affected software. A successful exploit could allow the attacker to obtain restricted information from other Webex users.
Published: 2020-08-17T18:00:22.048Z
Updated: 2024-11-13T18:16:25.047Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.