Intrusion PreventionCisco.WebEx.NRP.Remote.Code.Execution
Description
This indicates the detection of an attack attempt against a remote Code Execution vulnerability in Cisco WebEx Network Recording Player.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted arf file. A remote attacker may be able to exploit this to execute arbitrary code on the affected system.
Affected Products
Cisco Webex Meetings Suite (WBS31) - Webex Network Recording Player and Webex Player versions prior to WBS31.23
Cisco Webex Meetings Suite (WBS32) - Webex Network Recording Player and Webex Player versions prior to WBS32.15
Cisco Webex Meetings Suite (WBS33) - Webex Network Recording Player and Webex Player versions prior to WBS33.2
Cisco Webex Meetings Online - Webex Network Recording Player and WebEx Player versions prior to 1.3.35
Cisco Webex Meetings Server - Webex Network Recording Player versions prior to 3.0MR1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest patch from the vendor:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-11-22 | 15.729 | Name:Cisco. Webex. NRP. Remote. Code. Execution:Cisco. WebEx. NRP. Remote. Code. Execution |
| ID | 46333 |
| Created | Jul 10, 2018 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2018-0379 |
| Exploit Prediction Score | 0.24% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Cisco |