Vulnerability-Lookup

BDU:2024-05754

Vulnerability from fstec - Published: 17.07.2024

Title

Уязвимость функции извлечения мультимедиа программного обеспечения для веб-конференцсвязи Cisco Webex Teams, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Description

Уязвимость функции извлечения мультимедиа программного обеспечения для веб-конференцсвязи Cisco Webex Teams связана с небезопасной передачей запросов к внутренним службам. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации с помощью специально сформированного медиафайла

Severity ?


                    
                      AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Vendor

Cisco Systems Inc.

Software Name

Cisco Webex Teams

Software Version

от 3.0.13464.0 до 3.0.16285.0 (Cisco Webex Teams), от 42.1.0.21190 до 42.9.0.23494 (Cisco Webex Teams), от 43.1.0.24716 до 43.4.0.25788 (Cisco Webex Teams), от 4.0 до 4.9 (Cisco Webex Teams)

Possible Mitigations

Компенсирующие меры: - использование средств межсетевого экранирования для ограничения доступа к недоверенным ресурсам и перехода по нежелательным ссылкам; - использование замкнутой программной среды для работы с файлами, полученными из недоверенных источников; - минимизация пользовательских привилегий; - ограничение доступа из внешних сетей (Интернет); - использование виртуальных частных сетей для организации удаленного доступа (VPN).

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j https://vuldb.com/ru/?id.271851 https://www.recordedfuture.com/vulnerability-database/CVE-2024-20395 https://debricked.com/vulnerability-database/vulnerability/CVE-2024-20395

CWE

CWE-523

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:H/Au:N/C:C/I:C/A:N",
  "CVSS 3.0": "AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 3.0.13464.0 \u0434\u043e 3.0.16285.0 (Cisco Webex Teams), \u043e\u0442 42.1.0.21190 \u0434\u043e 42.9.0.23494 (Cisco Webex Teams), \u043e\u0442 43.1.0.24716 \u0434\u043e 43.4.0.25788 (Cisco Webex Teams), \u043e\u0442 4.0 \u0434\u043e 4.9 (Cisco Webex Teams)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0438 \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043f\u043e \u043d\u0435\u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0441\u0441\u044b\u043b\u043a\u0430\u043c;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u043c\u043a\u043d\u0443\u0442\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442);\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (VPN).",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.07.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "25.07.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.07.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-05754",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-20395",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Webex Teams",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0435\u0431-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0441\u0432\u044f\u0437\u0438 Cisco Webex Teams, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u0430\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0430 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-523)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0435\u0431-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0441\u0432\u044f\u0437\u0438 Cisco Webex Teams \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u043b\u0443\u0436\u0431\u0430\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043c\u0435\u0434\u0438\u0430\u0444\u0430\u0439\u043b\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\nhttps://vuldb.com/ru/?id.271851\nhttps://www.recordedfuture.com/vulnerability-database/CVE-2024-20395\nhttps://debricked.com/vulnerability-database/vulnerability/CVE-2024-20395",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-523",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)"
}

CVE-2024-20395 (GCVE-0-2024-20395)

Vulnerability from cvelistv5 – Published: 2024-07-17 16:32 – Updated: 2024-08-01 21:59

Summary

A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE

CWE-523 - Unprotected Transport of Credentials

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Webex Teams	Affected: 3.0.13464.0 Affected: 3.0.13538.0 Affected: 3.0.13588.0 Affected: 3.0.14154.0 Affected: 3.0.14234.0 Affected: 3.0.14375.0 Affected: 3.0.14741.0 Affected: 3.0.14866.0 Affected: 3.0.15015.0 Affected: 3.0.15036.0 Affected: 3.0.15092.0 Affected: 3.0.15131.0 Affected: 3.0.15164.0 Affected: 3.0.15221.0 Affected: 3.0.15333.0 Affected: 3.0.15410.0 Affected: 3.0.15485.0 Affected: 3.0.15645.0 Affected: 3.0.15711.0 Affected: 3.0.16040.0 Affected: 3.0.16269.0 Affected: 3.0.16273.0 Affected: 3.0.16285.0 Affected: 4.0 Affected: 4.1 Affected: 4.10 Affected: 4.12 Affected: 4.13 Affected: 4.14 Affected: 4.15 Affected: 4.16 Affected: 4.17 Affected: 4.18 Affected: 4.19 Affected: 4.2 Affected: 4.20 Affected: 4.3 Affected: 4.4 Affected: 4.5 Affected: 4.6 Affected: 4.8 Affected: 4.9 Affected: 4.1.57 Affected: 4.1.92 Affected: 4.10.343 Affected: 4.11.211 Affected: 4.12.236 Affected: 4.13.200 Affected: 4.2.42 Affected: 4.2.75 Affected: 4.5.224 Affected: 4.6.197 Affected: 4.7.78 Affected: 4.8.170 Affected: 4.9.205 Affected: 4.9.252 Affected: 4.9.269 Affected: 42.1.0.169 Affected: 42.1.0.21190 Affected: 42.1.0.2219 Affected: 42.10 Affected: 42.10.0.23814 Affected: 42.10.0.24000 Affected: 42.11 Affected: 42.11.0.24187 Affected: 42.12 Affected: 42.12.0.24485 Affected: 42.2 Affected: 42.2.0.21338 Affected: 42.2.0.21486 Affected: 42.3 Affected: 42.3.0.21576 Affected: 42.4.1.22032 Affected: 42.5.0.22259 Affected: 42.6 Affected: 42.6.0.22565 Affected: 42.6.0.22645 Affected: 42.7 Affected: 42.7.0.22904 Affected: 42.7.0.23054 Affected: 42.8 Affected: 42.8.0.23214 Affected: 42.8.0.23281 Affected: 42.9 Affected: 42.9.0.23494 Affected: 43.1 Affected: 43.1.0.24716 Affected: 43.2 Affected: 43.2.0.25157 Affected: 43.2.0.25211 Affected: 43.3 Affected: 43.3.0.25468 Affected: 43.4 Affected: 43.4.0.25788

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*",
              "cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "webex_teams",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "3.0.13464.0"
              },
              {
                "status": "affected",
                "version": "3.0.13538.0"
              },
              {
                "status": "affected",
                "version": "3.0.13588.0"
              },
              {
                "status": "affected",
                "version": "3.0.14154.0"
              },
              {
                "status": "affected",
                "version": "3.0.14234.0"
              },
              {
                "status": "affected",
                "version": "3.0.14375.0"
              },
              {
                "status": "affected",
                "version": "3.0.14741.0"
              },
              {
                "status": "affected",
                "version": "3.0.14866.0"
              },
              {
                "status": "affected",
                "version": "3.0.15015.0"
              },
              {
                "status": "affected",
                "version": "3.0.15036.0"
              },
              {
                "status": "affected",
                "version": "3.0.15092.0"
              },
              {
                "status": "affected",
                "version": "3.0.15131.0"
              },
              {
                "status": "affected",
                "version": "3.0.15164.0"
              },
              {
                "status": "affected",
                "version": "3.0.15221.0"
              },
              {
                "status": "affected",
                "version": "3.0.15333.0"
              },
              {
                "status": "affected",
                "version": "3.0.15410.0"
              },
              {
                "status": "affected",
                "version": "3.0.15485.0"
              },
              {
                "status": "affected",
                "version": "3.0.15645.0"
              },
              {
                "status": "affected",
                "version": "3.0.15711.0"
              },
              {
                "status": "affected",
                "version": "3.0.16040.0"
              },
              {
                "status": "affected",
                "version": "3.0.16269.0"
              },
              {
                "status": "affected",
                "version": "3.0.16273.0"
              },
              {
                "status": "affected",
                "version": "3.0.16285.0"
              },
              {
                "status": "affected",
                "version": "4.0"
              },
              {
                "status": "affected",
                "version": "4.1"
              },
              {
                "status": "affected",
                "version": "4.10"
              },
              {
                "status": "affected",
                "version": "4.12"
              },
              {
                "status": "affected",
                "version": "4.13"
              },
              {
                "status": "affected",
                "version": "4.14"
              },
              {
                "status": "affected",
                "version": "4.15"
              },
              {
                "status": "affected",
                "version": "4.16"
              },
              {
                "status": "affected",
                "version": "4.17"
              },
              {
                "status": "affected",
                "version": "4.18"
              },
              {
                "status": "affected",
                "version": "4.19"
              },
              {
                "status": "affected",
                "version": "4.2"
              },
              {
                "status": "affected",
                "version": "4.20"
              },
              {
                "status": "affected",
                "version": "4.3"
              },
              {
                "status": "affected",
                "version": "4.4"
              },
              {
                "status": "affected",
                "version": "4.5"
              },
              {
                "status": "affected",
                "version": "4.6"
              },
              {
                "status": "affected",
                "version": "4.8"
              },
              {
                "status": "affected",
                "version": "4.9"
              },
              {
                "status": "affected",
                "version": "4.1.57"
              },
              {
                "status": "affected",
                "version": "4.1.92"
              },
              {
                "status": "affected",
                "version": "4.10.343"
              },
              {
                "status": "affected",
                "version": "4.11.211"
              },
              {
                "status": "affected",
                "version": "4.12.236"
              },
              {
                "status": "affected",
                "version": "4.13.200"
              },
              {
                "status": "affected",
                "version": "4.2.42"
              },
              {
                "status": "affected",
                "version": "4.2.75"
              },
              {
                "status": "affected",
                "version": "4.5.224"
              },
              {
                "status": "affected",
                "version": "4.6.197"
              },
              {
                "status": "affected",
                "version": "4.7.78"
              },
              {
                "status": "affected",
                "version": "4.8.170"
              },
              {
                "status": "affected",
                "version": "4.9.205"
              },
              {
                "status": "affected",
                "version": "4.9.252"
              },
              {
                "status": "affected",
                "version": "4.9.269"
              },
              {
                "status": "affected",
                "version": "42.1.0.169"
              },
              {
                "status": "affected",
                "version": "42.1.0.21190"
              },
              {
                "status": "affected",
                "version": "42.1.0.2219"
              },
              {
                "status": "affected",
                "version": "42.10"
              },
              {
                "status": "affected",
                "version": "42.10.0.23814"
              },
              {
                "status": "affected",
                "version": "42.10.0.24000"
              },
              {
                "status": "affected",
                "version": "42.11"
              },
              {
                "status": "affected",
                "version": "42.11.0.24187"
              },
              {
                "status": "affected",
                "version": "42.12"
              },
              {
                "status": "affected",
                "version": "42.12.0.24485"
              },
              {
                "status": "affected",
                "version": "42.2"
              },
              {
                "status": "affected",
                "version": "42.2.0.21338"
              },
              {
                "status": "affected",
                "version": "42.2.0.21486"
              },
              {
                "status": "affected",
                "version": "42.3"
              },
              {
                "status": "affected",
                "version": "42.3.0.21576"
              },
              {
                "status": "affected",
                "version": "42.4.1.22032"
              },
              {
                "status": "affected",
                "version": "42.5.0.22259"
              },
              {
                "status": "affected",
                "version": "42.6"
              },
              {
                "status": "affected",
                "version": "42.6.0.22565"
              },
              {
                "status": "affected",
                "version": "42.6.0.22645"
              },
              {
                "status": "affected",
                "version": "42.7"
              },
              {
                "status": "affected",
                "version": "42.7.0.22904"
              },
              {
                "status": "affected",
                "version": "42.7.0.23054"
              },
              {
                "status": "affected",
                "version": "42.8"
              },
              {
                "status": "affected",
                "version": "42.8.0.23214"
              },
              {
                "status": "affected",
                "version": "42.8.0.23281"
              },
              {
                "status": "affected",
                "version": "42.9"
              },
              {
                "status": "affected",
                "version": "42.9.0.23494"
              },
              {
                "status": "affected",
                "version": "43.1"
              },
              {
                "status": "affected",
                "version": "43.1.0.24716"
              },
              {
                "status": "affected",
                "version": "43.2"
              },
              {
                "status": "affected",
                "version": "43.2.0.25157"
              },
              {
                "status": "affected",
                "version": "43.2.0.25211"
              },
              {
                "status": "affected",
                "version": "43.3"
              },
              {
                "status": "affected",
                "version": "43.3.0.25468"
              },
              {
                "status": "affected",
                "version": "43.4"
              },
              {
                "status": "affected",
                "version": "43.4.0.25788"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20395",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-18T03:55:23.962265Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-18T13:23:45.549Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:59:42.341Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-webex-app-ZjNm8X8j",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Webex Teams",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.13464.0"
            },
            {
              "status": "affected",
              "version": "3.0.13538.0"
            },
            {
              "status": "affected",
              "version": "3.0.13588.0"
            },
            {
              "status": "affected",
              "version": "3.0.14154.0"
            },
            {
              "status": "affected",
              "version": "3.0.14234.0"
            },
            {
              "status": "affected",
              "version": "3.0.14375.0"
            },
            {
              "status": "affected",
              "version": "3.0.14741.0"
            },
            {
              "status": "affected",
              "version": "3.0.14866.0"
            },
            {
              "status": "affected",
              "version": "3.0.15015.0"
            },
            {
              "status": "affected",
              "version": "3.0.15036.0"
            },
            {
              "status": "affected",
              "version": "3.0.15092.0"
            },
            {
              "status": "affected",
              "version": "3.0.15131.0"
            },
            {
              "status": "affected",
              "version": "3.0.15164.0"
            },
            {
              "status": "affected",
              "version": "3.0.15221.0"
            },
            {
              "status": "affected",
              "version": "3.0.15333.0"
            },
            {
              "status": "affected",
              "version": "3.0.15410.0"
            },
            {
              "status": "affected",
              "version": "3.0.15485.0"
            },
            {
              "status": "affected",
              "version": "3.0.15645.0"
            },
            {
              "status": "affected",
              "version": "3.0.15711.0"
            },
            {
              "status": "affected",
              "version": "3.0.16040.0"
            },
            {
              "status": "affected",
              "version": "3.0.16269.0"
            },
            {
              "status": "affected",
              "version": "3.0.16273.0"
            },
            {
              "status": "affected",
              "version": "3.0.16285.0"
            },
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "status": "affected",
              "version": "4.12"
            },
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "status": "affected",
              "version": "4.2"
            },
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "status": "affected",
              "version": "4.4"
            },
            {
              "status": "affected",
              "version": "4.5"
            },
            {
              "status": "affected",
              "version": "4.6"
            },
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "status": "affected",
              "version": "4.9"
            },
            {
              "status": "affected",
              "version": "4.1.57"
            },
            {
              "status": "affected",
              "version": "4.1.92"
            },
            {
              "status": "affected",
              "version": "4.10.343"
            },
            {
              "status": "affected",
              "version": "4.11.211"
            },
            {
              "status": "affected",
              "version": "4.12.236"
            },
            {
              "status": "affected",
              "version": "4.13.200"
            },
            {
              "status": "affected",
              "version": "4.2.42"
            },
            {
              "status": "affected",
              "version": "4.2.75"
            },
            {
              "status": "affected",
              "version": "4.5.224"
            },
            {
              "status": "affected",
              "version": "4.6.197"
            },
            {
              "status": "affected",
              "version": "4.7.78"
            },
            {
              "status": "affected",
              "version": "4.8.170"
            },
            {
              "status": "affected",
              "version": "4.9.205"
            },
            {
              "status": "affected",
              "version": "4.9.252"
            },
            {
              "status": "affected",
              "version": "4.9.269"
            },
            {
              "status": "affected",
              "version": "42.1.0.169"
            },
            {
              "status": "affected",
              "version": "42.1.0.21190"
            },
            {
              "status": "affected",
              "version": "42.1.0.2219"
            },
            {
              "status": "affected",
              "version": "42.10"
            },
            {
              "status": "affected",
              "version": "42.10.0.23814"
            },
            {
              "status": "affected",
              "version": "42.10.0.24000"
            },
            {
              "status": "affected",
              "version": "42.11"
            },
            {
              "status": "affected",
              "version": "42.11.0.24187"
            },
            {
              "status": "affected",
              "version": "42.12"
            },
            {
              "status": "affected",
              "version": "42.12.0.24485"
            },
            {
              "status": "affected",
              "version": "42.2"
            },
            {
              "status": "affected",
              "version": "42.2.0.21338"
            },
            {
              "status": "affected",
              "version": "42.2.0.21486"
            },
            {
              "status": "affected",
              "version": "42.3"
            },
            {
              "status": "affected",
              "version": "42.3.0.21576"
            },
            {
              "status": "affected",
              "version": "42.4.1.22032"
            },
            {
              "status": "affected",
              "version": "42.5.0.22259"
            },
            {
              "status": "affected",
              "version": "42.6"
            },
            {
              "status": "affected",
              "version": "42.6.0.22565"
            },
            {
              "status": "affected",
              "version": "42.6.0.22645"
            },
            {
              "status": "affected",
              "version": "42.7"
            },
            {
              "status": "affected",
              "version": "42.7.0.22904"
            },
            {
              "status": "affected",
              "version": "42.7.0.23054"
            },
            {
              "status": "affected",
              "version": "42.8"
            },
            {
              "status": "affected",
              "version": "42.8.0.23214"
            },
            {
              "status": "affected",
              "version": "42.8.0.23281"
            },
            {
              "status": "affected",
              "version": "42.9"
            },
            {
              "status": "affected",
              "version": "42.9.0.23494"
            },
            {
              "status": "affected",
              "version": "43.1"
            },
            {
              "status": "affected",
              "version": "43.1.0.24716"
            },
            {
              "status": "affected",
              "version": "43.2"
            },
            {
              "status": "affected",
              "version": "43.2.0.25157"
            },
            {
              "status": "affected",
              "version": "43.2.0.25211"
            },
            {
              "status": "affected",
              "version": "43.3"
            },
            {
              "status": "affected",
              "version": "43.3.0.25468"
            },
            {
              "status": "affected",
              "version": "43.4"
            },
            {
              "status": "affected",
              "version": "43.4.0.25788"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-523",
              "description": "Unprotected Transport of Credentials",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-17T16:32:07.102Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-webex-app-ZjNm8X8j",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
        }
      ],
      "source": {
        "advisory": "cisco-sa-webex-app-ZjNm8X8j",
        "defects": [
          "CSCwj36941",
          "CSCwj36943"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20395",
    "datePublished": "2024-07-17T16:32:07.102Z",
    "dateReserved": "2023-11-08T15:08:07.659Z",
    "dateUpdated": "2024-08-01T21:59:42.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-05754

CVE-2024-20395 (GCVE-0-2024-20395)

Tags

Sightings

Nomenclature