Published: 05/12/2015 Updated: 07/12/2015
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

The Cisco WebEx Meetings application prior to 8.5.1 for Android improperly initializes custom application permissions, which allows malicious users to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco webex meetings 8.0_base

Vendor Advisories

A vulnerability in the custom application permissions handling for Cisco WebEx Meetings for Android could allow an unauthenticated, remote attacker to change platform-specific permissions of a custom application The vulnerability is due to the way custom application permissions are assigned at initialization An attacker could exploit this vulner ...