Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2020-3321

Published: 03/06/2020 Updated: 19/10/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Cisco

Vulnerability Summary

A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an malicious user to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system. The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the malicious user to cause the Webex player application to crash when trying to view the malicious file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco webex player

cisco webex player 3.0

cisco webex player 4.0

cisco webex network recording player

cisco webex network recording player 3.0

cisco webex network recording player 4.0

Recent Articles

Finally done with all those Patch Tuesday updates? Think again! Here's 33 Cisco bug fixes, with five criticals
The Register • Shaun Nichols in San Francisco • 16 Jul 2020

And who's that in the background? Just Oracle and its *cough* 443 bugs

Cisco has emitted 33 security bug fixes in its latest crop of software updates, five of those deemed critical. Those five critical vulnerabilities include two remote code execution bugs (CVE-2020-3323, CVE-2020-3321) – with no workarounds for either other than patching – and one each of authentication bypass (CVE-2020-3144), privilege escalation (CVE-2020-3140), and default credential (CVE-2020-3330) flaws. Affected devices include multiple RV-series routers, the RV110W series VPN Firewall, ...

Read more...

References

CWE-20https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs98259https://nvd.nist.govhttps://www.theregister.co.uk/2020/07/16/cisco_patches_july/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook