CVE-2017-3823

Published: 01/02/2017 | Updated: 10/10/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 970
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in the Cisco WebEx Extension prior to 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container prior to 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin prior to 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin prior to 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote malicious user to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programming interface (API) response parser within the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

Vulnerable Product

cisco activetouch general plugin container 105

cisco download manager 2.1.0.9

cisco gpccontainer class

cisco webex

cisco webex meetings server 2.0_base

cisco webex meetings server 2.0_mr2

cisco webex meetings server 2.0_mr3

cisco webex meetings server 2.0_mr4

cisco webex meetings server 2.0_mr5

cisco webex meetings server 2.0_mr6

cisco webex meetings server 2.0_mr7

cisco webex meetings server 2.0_mr8

cisco webex meetings server 2.0_mr9

cisco webex meetings server 2.5_base

cisco webex meetings server 2.5_mr1

cisco webex meetings server 2.5_mr2

cisco webex meetings server 2.5_mr3

cisco webex meetings server 2.5_mr4

cisco webex meetings server 2.5_mr5

cisco webex meetings server 2.5_mr6

cisco webex meetings server 2.6_base

cisco webex meetings server 2.6_mr1

cisco webex meetings server 2.6_mr2

cisco webex meetings server 2.6_mr3

cisco webex meetings server 2.7_base

cisco webex meetings server 2.7_mr1

cisco webex meetings server 2.7_mr2

cisco webex meeting center 2.6_base

cisco webex meeting center 2.6_mr1

cisco webex meeting center 2.6_mr2

cisco webex meeting center 2.6_mr3

cisco webex meeting center 2.7_base

cisco webex meeting center 2.7_mr1

cisco webex meeting center 2.7_mr2

cisco webex meeting center t29_base

cisco webex meeting center t30_base

cisco webex meeting center t31_base

Vendor Advisories

A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and S ...

Mailing Lists

This Metasploit module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system ...

Metasploit Modules

Cisco WebEx Chrome Extension RCE (CVE-2017-3823)

This module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system.

    msf > use exploit/windows/browser/cisco_webex_ext
    msf exploit(cisco_webex_ext) > show targets
        ...targets...
    msf exploit(cisco_webex_ext) > set TARGET <target-id>
    msf exploit(cisco_webex_ext) > show options
        ...show and set options...
    msf exploit(cisco_webex_ext) > exploit

Recent Articles

VMware emits security alerts, Planet Hollywood chain hacked, SWAT death caller gets 20 years in clink, and more
The Register • Shaun Nichols in San Francisco • 01 Apr 2019

A quick summary of infosec news to start your week

Roundup Last week we saw someone admit hoarding NSA documents, a Huawei patch bungle, and an axe looming for DXC security employees.
Now, here's some extra bits and bytes to start this week and month.
If you're running a server hosting VMware's Service Provider portal, you will want to make sure all your software is up to date immediately. That's because the virtualization giant recently put out an advisory for a remote hijacking bug.
"VMware vCloud Director for Service Provide...

Critical RCE Bug in Cisco WebEx Browser Extensions Faces ‘Ongoing Exploitation’
Threatpost • Tara Seals • 29 Mar 2019

A critical vulnerability in Cisco WebEx browser extensions that could allow unauthenticated remote code-execution (RCE) on targeted machines is being actively exploited in the wild.
The news comes just days after Cisco issued a flurry of 24 different patches for its IOS XE operating system and warned of an incomplete fix for two small business routers (RV320 and RV325).
WebEx is Cisco’s widely used conferencing platform, which takes a cloud-based approach to on-demand web- and vid...

Russian malware scum post new rent-an-exploit
The Register • Richard Chirgwin • 16 Aug 2017

Unpatched browser, plug-in bugs targeted by and with 'Disdain' kit

WebEx on Firefox is among the targets of a new exploit kit that's started circulating on Russian nastyware exchanges.
The Disdain-based exploit kit is described here by security services outfit IntSights, which says the exploit kit is offered by someone using the handle "Cehceny".
David Montenegro (@CryptoInsane) says Disdain is a copy-paste of the open source BEPS exploit kit.
IntSights says the kit includes:
Disdain is rented on a daily, weekly, or monthly basis at US$8...