Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2021-1525

Published: 04/06/2021 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Webex Meetings Server

Vulnerability Summary

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote malicious user to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit this vulnerability by persuading a user to follow a specially crafted URL that is designed to cause Cisco Webex Meetings to include a remote file in the web UI. A successful exploit could allow the malicious user to cause the application to offer a remote file to a user, which could allow the malicious user to conduct further phishing or spoofing attacks.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco webex meetings server

cisco webex meetings server 3.0

cisco webex meetings server 4.0

cisco webex meetings online 41.3.5

Vendor Advisories

Cisco: Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file This vulnerability is due to improper validation of URL paths in the application interface An attacker could exploit this vulnerability by persuading a user to follow a specially crafted URL ...

References

CWE-601https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PHhttps://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook