Published: 04/09/2020 Updated: 07/11/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

A vulnerability in Cisco Webex Training could allow an authenticated, remote malicious user to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could exploit this vulnerability by sending an API request to the application, which would return a URL that includes a meeting join page that is prepopulated with the meeting username and password. A successful exploit could allow the malicious user to join the password-protected meeting. The attacker would be visible in the attendee list of the meeting.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex training

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow An attacker could exploit this vulnerability by sending an API request to th ...

CWE-20 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-UtbwOR4Q https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-UtbwOR4Q

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-3542

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect