Threat Encyclopedia

Cisco.WebEx.NRP.Remote.Code.Execution

description-logoDescription

This indicates the detection of an attack attempt against a remote Code Execution vulnerability in Cisco WebEx Network Recording Player.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted arf file. A remote attacker may be able to exploit this to execute arbitrary code on the affected system.

affected-products-logoAffected Products

Cisco Webex Meetings Suite (WBS31) - Webex Network Recording Player and Webex Player versions prior to WBS31.23
Cisco Webex Meetings Suite (WBS32) - Webex Network Recording Player and Webex Player versions prior to WBS32.15
Cisco Webex Meetings Suite (WBS33) - Webex Network Recording Player and Webex Player versions prior to WBS33.2
Cisco Webex Meetings Online - Webex Network Recording Player and WebEx Player versions prior to 1.3.35
Cisco Webex Meetings Server - Webex Network Recording Player versions prior to 3.0MR1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2018-0379