A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows.

The vulnerability is due to a design defect in an application programming interface (API) response parser within the plugin. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

Cisco has released software updates for Google Chrome, Firefox, and Internet Explorer that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex
Jlhmfgmfgeifomenelglieieghnjghma
atgpccontrol
The version number is displayed at the bottom of the Manage Add-ons window. See the table of fixed plugin versions in the Fixed Software section of this advisory.
The Cisco WebEx ActiveX Plugin for Microsoft Internet Explorer Class ID (CLSID), which organizations can use to identify hosts that contain the plugin, is the following:
E06E2E99-0AA1-11D4-ABA6-0060082AA75C
URL requests containing the string pattern "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html"
and
URL hostname not matching the known customer's WebEx site URL (e.g. company.webex.com in https://company.webex.com/cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html)
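The two criteria above, applied to web proxy logs, as an added example that is not part of the Cisco advisory. The `time client method url` log layout, the `KNOWN_SITES` value and the `.example` hosts are constructed assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

# String pattern quoted in the advisory.
MAGIC = "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html"
# Assumption: hostnames of the organization's own WebEx sites.
KNOWN_SITES = {"company.webex.com"}
HAS_SCHEME = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

def classify(url, known_sites=KNOWN_SITES):
    """Return 'ignore', 'expected' or 'suspicious' for one requested URL."""
    if MAGIC not in unquote(url).lower():
        return "ignore"
    try:
        # Proxy logs may omit the scheme; prefix '//' so the host is parsed.
        parts = urlsplit(url if HAS_SCHEME.match(url) else "//" + url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "suspicious"  # unparseable authority: leave it for review
    # Exact match only: a suffix or substring test would accept
    # hosts that merely contain the site name.
    return "expected" if host in known_sites else "suspicious"

def scan(lines, known_sites=KNOWN_SITES):
    """Return (client_ip, url) for log lines that meet both criteria."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # not in the assumed 'time client method url' layout
        client, url = fields[1], fields[3]
        if classify(url, known_sites) == "suspicious":
            hits.append((client, url))
    return hits

# Constructed sample log (not real traffic).
SAMPLE_LOG = [
    "2017-01-25T10:00:01Z 10.0.0.5 GET https://company.webex.com/" + MAGIC,
    "2017-01-25T10:00:07Z 10.0.0.9 GET https://site.example/" + MAGIC,
    "2017-01-25T10:00:09Z 10.0.0.9 GET company.webex.com.site.example/a/" + MAGIC,
    "2017-01-25T10:00:12Z 10.0.0.7 GET https://company.webex.com/meet/home",
    "2017-01-25T10:00:15Z 10.0.0.8 GET https://company.webex.com@site.example/" + MAGIC,
]

if __name__ == "__main__":
    for client, url in scan(SAMPLE_LOG):
        print(f"suspicious: client={client} url={url}")
```

The hostname is compared by exact match after parsing, so a host that only embeds the site name as a prefix or in the userinfo part is still flagged.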
Cisco WebEx Major Version | Fixed GPC Container Version |
---|---|
T31.10.0 | 10031.6.2017.0126 |
T31.9.8 | 10031.6.2017.0126 |
T30.16.2 | 10030.100.2017.127 |
T30.15.5 | 10030.100.2017.0127 |
T30.14.2 | 10030.0.2017.0127 |
T30.12.4 | 10030.1204.2017.0127 |
T30.9.2 | 10030.100.2017.0127 |
T30.6.6 | 10030.100.2017.0127 |
T30.4.4 | 10030.100.2017.127 |
T29.13.121 | 29.13.2017.0127 |
T29.13.94 | 29.13.2017.0127 |
T29.13.73 | 29.13.2017.0127 |
T29.13.56 | 29.13.2017.0127 |
T29.13.42 | 29.13.2017.0127 |
T29.13.35 | 29.13.2017.0127 |
T29.13.14 | 29.13.2017.0127 |
Cisco WebEx Major Version | Fixed Application Version |
---|---|
T31.10.2 | 31.10.2.5 or later |
T31.9.8 | 31.9.8.5 or later |
T30.16.2 | 30.16.2.10007 E or later |
T30.15.5 | 30.15.5.10009 E or later |
T30.14.2 | 30.14.2.10003 E or later |
T30.12.4 | 30.12.4.10004 E or later |
T30.9.2 | 30.9.2.10010 E or later |
T30.6.6 | 30.6.6.10006 E or later |
T30.4.4 | 30.4.4.10003 E or later |
T29.13.121 | 29.13.121.10011 E or later |
T29.13.94 | 29.13.94.10005 E or later |
T29.13.73 | 29.13.72.10007 E or later |
T29.13.56 | 29.13.56.10008 E or later |
T29.13.42 | 29.13.42.10008 E or later |
T29.13.35 | 29.13.25.10005 E or later |
T29.13.14 | 29.13.14.10012 E or later |
Cisco WebEx Meetings Server client packages will be available as part of the upgraded solution.
Version | Description | Section | Status | Date |
---|---|---|---|---|
1.10 | Included information about ongoing, limited exploitation. | Exploitation and Public Announcements | Final | 2019-March-28 |
1.9 | Updated Internet Explorer information in the Vulnerable Products and Fixed Software sections. | Affected Products, Fixed Software. | Final | 2017-February-04 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.