CVE-2024-20395 (GCVE-0-2024-20395)
Vulnerability from cvelistv5 – Published: 2024-07-17 16:32 – Updated: 2024-08-01 21:59
VLAI?
Summary
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.
This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.
Severity ?
6.4 (Medium)
CWE
- CWE-523 - Unprotected Transport of Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex Teams |
Affected:
3.0.13464.0
Affected: 3.0.13538.0 Affected: 3.0.13588.0 Affected: 3.0.14154.0 Affected: 3.0.14234.0 Affected: 3.0.14375.0 Affected: 3.0.14741.0 Affected: 3.0.14866.0 Affected: 3.0.15015.0 Affected: 3.0.15036.0 Affected: 3.0.15092.0 Affected: 3.0.15131.0 Affected: 3.0.15164.0 Affected: 3.0.15221.0 Affected: 3.0.15333.0 Affected: 3.0.15410.0 Affected: 3.0.15485.0 Affected: 3.0.15645.0 Affected: 3.0.15711.0 Affected: 3.0.16040.0 Affected: 3.0.16269.0 Affected: 3.0.16273.0 Affected: 3.0.16285.0 Affected: 4.0 Affected: 4.1 Affected: 4.10 Affected: 4.12 Affected: 4.13 Affected: 4.14 Affected: 4.15 Affected: 4.16 Affected: 4.17 Affected: 4.18 Affected: 4.19 Affected: 4.2 Affected: 4.20 Affected: 4.3 Affected: 4.4 Affected: 4.5 Affected: 4.6 Affected: 4.8 Affected: 4.9 Affected: 4.1.57 Affected: 4.1.92 Affected: 4.10.343 Affected: 4.11.211 Affected: 4.12.236 Affected: 4.13.200 Affected: 4.2.42 Affected: 4.2.75 Affected: 4.5.224 Affected: 4.6.197 Affected: 4.7.78 Affected: 4.8.170 Affected: 4.9.205 Affected: 4.9.252 Affected: 4.9.269 Affected: 42.1.0.169 Affected: 42.1.0.21190 Affected: 42.1.0.2219 Affected: 42.10 Affected: 42.10.0.23814 Affected: 42.10.0.24000 Affected: 42.11 Affected: 42.11.0.24187 Affected: 42.12 Affected: 42.12.0.24485 Affected: 42.2 Affected: 42.2.0.21338 Affected: 42.2.0.21486 Affected: 42.3 Affected: 42.3.0.21576 Affected: 42.4.1.22032 Affected: 42.5.0.22259 Affected: 42.6 Affected: 42.6.0.22565 Affected: 42.6.0.22645 Affected: 42.7 Affected: 42.7.0.22904 Affected: 42.7.0.23054 Affected: 42.8 Affected: 42.8.0.23214 Affected: 42.8.0.23281 Affected: 42.9 Affected: 42.9.0.23494 Affected: 43.1 Affected: 43.1.0.24716 Affected: 43.2 Affected: 43.2.0.25157 Affected: 43.2.0.25211 Affected: 43.3 Affected: 43.3.0.25468 Affected: 43.4 Affected: 43.4.0.25788 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webex_teams",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T03:55:23.962265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T13:23:45.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Webex Teams",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-523",
"description": "Unprotected Transport of Credentials",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T16:32:07.102Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"source": {
"advisory": "cisco-sa-webex-app-ZjNm8X8j",
"defects": [
"CSCwj36941",
"CSCwj36943"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20395",
"datePublished": "2024-07-17T16:32:07.102Z",
"dateReserved": "2023-11-08T15:08:07.659Z",
"dateUpdated": "2024-08-01T21:59:42.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funcionalidad de recuperaci\\u00f3n de medios de la aplicaci\\u00f3n Cisco Webex podr\\u00eda permitir que un atacante adyacente no autenticado obtenga acceso a informaci\\u00f3n confidencial de la sesi\\u00f3n. Esta vulnerabilidad se debe a la transmisi\\u00f3n insegura de solicitudes a servicios de backend cuando la aplicaci\\u00f3n accede a medios integrados, como im\\u00e1genes. Un atacante podr\\u00eda aprovechar esta vulnerabilidad enviando un mensaje con medios integrados almacenados en un servidor de mensajer\\u00eda a un usuario objetivo. Si el atacante puede observar el tr\\u00e1fico transmitido en una posici\\u00f3n privilegiada de la red, una explotaci\\u00f3n exitosa podr\\u00eda permitirle capturar informaci\\u00f3n del token de sesi\\u00f3n de solicitudes transmitidas de manera insegura y posiblemente reutilizar la informaci\\u00f3n de la sesi\\u00f3n capturada para tomar acciones adicionales como el usuario objetivo.\"}]",
"id": "CVE-2024-20395",
"lastModified": "2024-11-21T08:52:32.550",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.2}]}",
"published": "2024-07-17T17:15:12.833",
"references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-523\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20395\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2024-07-17T17:15:12.833\",\"lastModified\":\"2025-07-31T16:04:57.460\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de recuperaci\u00f3n de medios de la aplicaci\u00f3n Cisco Webex podr\u00eda permitir que un atacante adyacente no autenticado obtenga acceso a informaci\u00f3n confidencial de la sesi\u00f3n. Esta vulnerabilidad se debe a la transmisi\u00f3n insegura de solicitudes a servicios de backend cuando la aplicaci\u00f3n accede a medios integrados, como im\u00e1genes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje con medios integrados almacenados en un servidor de mensajer\u00eda a un usuario objetivo. Si el atacante puede observar el tr\u00e1fico transmitido en una posici\u00f3n privilegiada de la red, una explotaci\u00f3n exitosa podr\u00eda permitirle capturar informaci\u00f3n del token de sesi\u00f3n de solicitudes transmitidas de manera insegura y posiblemente reutilizar la informaci\u00f3n de la sesi\u00f3n capturada para tomar acciones adicionales como el usuario objetivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-523\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A0731376-1EF1-4361-89D9-6B2C0B64370E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8289243E-6CEC-43EC-B65C-9EA5E909D951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F25EF33F-1164-4A67-B60B-EB6467DE9D9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C66338FC-7D39-459A-A42B-E26E9181C436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8C1AAA94-BE6C-4092-8770-F2F646B79E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FA788BAC-1DC0-42E4-BA10-2A89934E84F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A6DDBEE5-D11F-4BFF-9A5C-028407FBAA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4499D4FB-FC7C-4974-8343-57B2CAE63136\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"E7CA0AAA-E188-4750-81B1-39B191551FA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"90657271-CDE4-4BCE-9382-0CF7A93B97D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"9E2928B4-6CA9-4CB4-9AAB-036974746EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5134AE77-8890-422F-8328-0676FB4D863C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B72A2ADC-98EE-4EE2-8EDD-8D24432526AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FB34AF13-AACA-450A-B55B-91D87AE36453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"50B3FEE3-C3F2-4134-931F-CAD806F87156\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4E2C3B35-124E-45B7-9EBC-EF1507CAAEC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6483C20E-E95D-443E-9C0E-8FFA0A54292D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"AA1D8B71-94F1-438B-98FD-2F7A17CF7663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FC5DC5E2-4FAB-4C7C-915F-0310A85A90B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"33A4716E-0A8E-450C-8A23-99EC4818CA8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FFD800A7-5E0A-463D-95F8-543DBECCCB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"57EBA9CF-6588-40D1-BF98-A3189E0BD8AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"44405865-5EE6-4AFE-BE55-ED149A614C1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"884A4E78-54EE-49F1-B414-D67498B61015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"541722A6-CA34-4999-891C-9245F9958F9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"607A5868-98E7-4693-9E86-EBD48764A06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6538CBC9-0BFA-4DB3-A754-3B770E3230CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F6030AFD-E170-42E2-9C13-588AA08BE560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DDCAF3B6-251B-4468-9A84-8E7204EFE065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0547F801-29FE-4AB5-AA6B-478920062928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4753283B-14DA-42A8-8577-084067645E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"D1E4DAE5-03B4-409F-B1F0-D325F7743063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BB84CCC7-0BA0-4FDE-A8B9-0C83967D1769\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4027766A-85CF-4BF7-9FEA-04DED535DBD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7F114421-1DA7-47F6-A3B1-9B739B3B78ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CEA1CE45-C406-45DD-AEEE-5E5FE4C52091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1F5891B7-C9FA-4BF6-BC5D-D2CFC8A28CE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"831FC631-4D0D-424A-A743-E0EF2240853D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CB1D62ED-0FB0-423B-AB3A-ECBBCE1D750E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"451837E9-1C00-4AEE-9CBA-0BCD62F10EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"89E775E8-CF8E-412E-91FB-FE4FBE4E8875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DF746917-7BD5-4111-86FA-E3A7C66B7D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FD2EFE51-A37B-431B-BB7D-F61F42F66513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"82F843BE-035F-41DE-B875-96412D40E633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"34AEDBA9-436A-4FFF-B32E-4D8EEE07E1E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"17C5AF29-BCDB-47F5-A33A-121D8709D1DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C0F8C917-86F7-41B4-8952-EE60F39705FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B87F5E8E-0B62-4F44-968C-848C8844911C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4F9169C8-D677-4550-BB1D-661BCE66A6E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5751F200-C070-4F38-9A49-CD0C81890663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C9E2FE4F-2A69-4516-A507-5E0804186D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8FA482C9-BEA4-4CB3-9FA0-7F49F9994817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"D43460DB-12F9-44CA-8F2B-043C0BA90462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F52C9271-5B79-4AA2-B0BD-1920A746C874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BDE335B1-47B3-4B6A-9348-4C09F638F6D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0FD7D1F8-DAC9-4A82-ADCF-1B28B036A097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2B28E8FB-339C-47BE-A0ED-F499C50F0F19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7C8BB483-0BB1-4415-8DE3-0817AD0F05C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"08FA3F4E-1DD9-40CA-82FB-42B3451CB50E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BDC16500-BE29-4F48-B10F-CF1A5E5170BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8482BEDC-AA74-4DA4-919E-0A4F57551F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DC462FE6-D300-4A60-9A39-366420CA2930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A3C5E73E-6AFE-4A40-920A-7C511477AAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"27A08866-6C64-41CF-A228-F838CF3A0370\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8671E430-9610-475B-A42B-23D9B389531F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B6C446D7-7700-448A-B9CE-99F8E4E5D119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6A5BBD96-10D5-4E7D-92D5-924C87146450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7494FC8F-E36D-49D3-8BCB-F51C14B125CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0933FFB3-20B9-4911-868B-27A6ACBE1E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"9BFA48AE-1685-407B-8917-7F277657D3D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"501BAD21-7B5E-4E7D-8CC7-86828124AF5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"61DAC3AC-AE37-43C3-B65C-CC513E90E069\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DC18AF9B-AC2F-4183-8021-BF08026FA33B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EF1964F5-CCEC-4D0C-94D1-3F83726CB5A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"798FCD25-77F4-4625-91D5-E1BBE353B7C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CF286711-7D09-4125-BDCE-6FCC520A54B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"01ED5949-173F-42A6-A0B0-67C47125F966\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1EB7D461-BFF7-4D4A-A6B4-BCF290379076\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2C29410E-7B91-40DC-8AD2-C30A9162E822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"E4B6854B-7843-4FBF-81AA-ABA6145F8458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"16D9C9E7-98B3-4A6A-AC48-F8E7C18CA1FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"573337DC-A95D-4720-9637-3BE590410FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1C54D0AC-F9EC-4FA7-9BA6-6DBDC3743C64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CF2E05E2-B6B6-419D-BE2F-BFB743EFB619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5FB14348-E1EE-43E6-A66E-23B78E805DFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"97A7514D-3BEF-4895-B313-E38D0EA4ABCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F0AA0F07-C8DF-4AC1-8799-0D2612FA65E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0BF47256-96E9-46C3-BCA0-80A0A0077AF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EAC1AE74-F875-4161-95A3-102E5AC35015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"60571D58-E948-4F17-9A9B-7F853D85C995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4B33A187-3E22-4A56-8E3D-6AB7218099A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5356285B-A3C2-45D2-BE88-41B3F27DD294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"19D33A9F-0EF2-4CB2-B085-AFB46DBBE4F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"ED47DCB3-FABB-4AAE-A565-09A13693E5F9\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-07-17T16:32:07.102Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Webex Teams\", \"versions\": [{\"version\": \"3.0.13464.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13538.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13588.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14154.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14234.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14375.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14741.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14866.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15015.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15036.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15092.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15131.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15164.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15221.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15333.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15410.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15485.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15645.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15711.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16040.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16269.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16273.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16285.0\", \"status\": \"affected\"}, {\"version\": \"4.0\", \"status\": \"affected\"}, {\"version\": \"4.1\", \"status\": \"affected\"}, {\"version\": \"4.10\", \"status\": \"affected\"}, {\"version\": \"4.12\", \"status\": \"affected\"}, {\"version\": \"4.13\", \"status\": \"affected\"}, {\"version\": \"4.14\", \"status\": \"affected\"}, {\"version\": \"4.15\", \"status\": \"affected\"}, {\"version\": \"4.16\", \"status\": \"affected\"}, {\"version\": \"4.17\", \"status\": \"affected\"}, {\"version\": \"4.18\", \"status\": \"affected\"}, {\"version\": \"4.19\", \"status\": \"affected\"}, {\"version\": \"4.2\", \"status\": \"affected\"}, {\"version\": \"4.20\", \"status\": \"affected\"}, {\"version\": \"4.3\", \"status\": \"affected\"}, {\"version\": \"4.4\", \"status\": \"affected\"}, {\"version\": \"4.5\", \"status\": \"affected\"}, {\"version\": \"4.6\", \"status\": \"affected\"}, {\"version\": \"4.8\", \"status\": \"affected\"}, {\"version\": \"4.9\", \"status\": \"affected\"}, {\"version\": \"4.1.57\", \"status\": \"affected\"}, {\"version\": \"4.1.92\", \"status\": \"affected\"}, {\"version\": \"4.10.343\", \"status\": \"affected\"}, {\"version\": \"4.11.211\", \"status\": \"affected\"}, {\"version\": \"4.12.236\", \"status\": \"affected\"}, {\"version\": \"4.13.200\", \"status\": \"affected\"}, {\"version\": \"4.2.42\", \"status\": \"affected\"}, {\"version\": \"4.2.75\", \"status\": \"affected\"}, {\"version\": \"4.5.224\", \"status\": \"affected\"}, {\"version\": \"4.6.197\", \"status\": \"affected\"}, {\"version\": \"4.7.78\", \"status\": \"affected\"}, {\"version\": \"4.8.170\", \"status\": \"affected\"}, {\"version\": \"4.9.205\", \"status\": \"affected\"}, {\"version\": \"4.9.252\", \"status\": \"affected\"}, {\"version\": \"4.9.269\", \"status\": \"affected\"}, {\"version\": \"42.1.0.169\", \"status\": \"affected\"}, {\"version\": \"42.1.0.21190\", \"status\": \"affected\"}, {\"version\": \"42.1.0.2219\", \"status\": \"affected\"}, {\"version\": \"42.10\", \"status\": \"affected\"}, {\"version\": \"42.10.0.23814\", \"status\": \"affected\"}, {\"version\": \"42.10.0.24000\", \"status\": \"affected\"}, {\"version\": \"42.11\", \"status\": \"affected\"}, {\"version\": \"42.11.0.24187\", \"status\": \"affected\"}, {\"version\": \"42.12\", \"status\": \"affected\"}, {\"version\": \"42.12.0.24485\", \"status\": \"affected\"}, {\"version\": \"42.2\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21338\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21486\", \"status\": \"affected\"}, {\"version\": \"42.3\", \"status\": \"affected\"}, {\"version\": \"42.3.0.21576\", \"status\": \"affected\"}, {\"version\": \"42.4.1.22032\", \"status\": \"affected\"}, {\"version\": \"42.5.0.22259\", \"status\": \"affected\"}, {\"version\": \"42.6\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22565\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22645\", \"status\": \"affected\"}, {\"version\": \"42.7\", \"status\": \"affected\"}, {\"version\": \"42.7.0.22904\", \"status\": \"affected\"}, {\"version\": \"42.7.0.23054\", \"status\": \"affected\"}, {\"version\": \"42.8\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23214\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23281\", \"status\": \"affected\"}, {\"version\": \"42.9\", \"status\": \"affected\"}, {\"version\": \"42.9.0.23494\", \"status\": \"affected\"}, {\"version\": \"43.1\", \"status\": \"affected\"}, {\"version\": \"43.1.0.24716\", \"status\": \"affected\"}, {\"version\": \"43.2\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25157\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25211\", \"status\": \"affected\"}, {\"version\": \"43.3\", \"status\": \"affected\"}, {\"version\": \"43.3.0.25468\", \"status\": \"affected\"}, {\"version\": \"43.4\", \"status\": \"affected\"}, {\"version\": \"43.4.0.25788\", \"status\": \"affected\"}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Unprotected Transport of Credentials\", \"type\": \"cwe\", \"cweId\": \"CWE-523\"}]}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\", \"name\": \"cisco-sa-webex-app-ZjNm8X8j\"}], \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"source\": {\"advisory\": \"cisco-sa-webex-app-ZjNm8X8j\", \"discovery\": \"EXTERNAL\", \"defects\": [\"CSCwj36941\", \"CSCwj36943\"]}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20395\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-18T03:55:23.962265Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"webex_teams\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.13464.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13538.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13588.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14154.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14234.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14375.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14741.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14866.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15015.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15036.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15092.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15131.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15164.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15221.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15333.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15410.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15485.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15645.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15711.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16040.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16269.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16273.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16285.0\"}, {\"status\": \"affected\", \"version\": \"4.0\"}, {\"status\": \"affected\", \"version\": \"4.1\"}, {\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"affected\", \"version\": \"4.12\"}, {\"status\": \"affected\", \"version\": \"4.13\"}, {\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"affected\", \"version\": \"4.15\"}, {\"status\": \"affected\", \"version\": \"4.16\"}, {\"status\": \"affected\", \"version\": \"4.17\"}, {\"status\": \"affected\", \"version\": \"4.18\"}, {\"status\": \"affected\", \"version\": \"4.19\"}, {\"status\": \"affected\", \"version\": \"4.2\"}, {\"status\": \"affected\", \"version\": \"4.20\"}, {\"status\": \"affected\", \"version\": \"4.3\"}, {\"status\": \"affected\", \"version\": \"4.4\"}, {\"status\": \"affected\", \"version\": \"4.5\"}, {\"status\": \"affected\", \"version\": \"4.6\"}, {\"status\": \"affected\", \"version\": \"4.8\"}, {\"status\": \"affected\", \"version\": \"4.9\"}, {\"status\": \"affected\", \"version\": \"4.1.57\"}, {\"status\": \"affected\", \"version\": \"4.1.92\"}, {\"status\": \"affected\", \"version\": \"4.10.343\"}, {\"status\": \"affected\", \"version\": \"4.11.211\"}, {\"status\": \"affected\", \"version\": \"4.12.236\"}, {\"status\": \"affected\", \"version\": \"4.13.200\"}, {\"status\": \"affected\", \"version\": \"4.2.42\"}, {\"status\": \"affected\", \"version\": \"4.2.75\"}, {\"status\": \"affected\", \"version\": \"4.5.224\"}, {\"status\": \"affected\", \"version\": \"4.6.197\"}, {\"status\": \"affected\", \"version\": \"4.7.78\"}, {\"status\": \"affected\", \"version\": \"4.8.170\"}, {\"status\": \"affected\", \"version\": \"4.9.205\"}, {\"status\": \"affected\", \"version\": \"4.9.252\"}, {\"status\": \"affected\", \"version\": \"4.9.269\"}, {\"status\": \"affected\", \"version\": \"42.1.0.169\"}, {\"status\": \"affected\", \"version\": \"42.1.0.21190\"}, {\"status\": \"affected\", \"version\": \"42.1.0.2219\"}, {\"status\": \"affected\", \"version\": \"42.10\"}, {\"status\": \"affected\", \"version\": \"42.10.0.23814\"}, {\"status\": \"affected\", \"version\": \"42.10.0.24000\"}, {\"status\": \"affected\", \"version\": \"42.11\"}, {\"status\": \"affected\", \"version\": \"42.11.0.24187\"}, {\"status\": \"affected\", \"version\": \"42.12\"}, {\"status\": \"affected\", \"version\": \"42.12.0.24485\"}, {\"status\": \"affected\", \"version\": \"42.2\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21338\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21486\"}, {\"status\": \"affected\", \"version\": \"42.3\"}, {\"status\": \"affected\", \"version\": \"42.3.0.21576\"}, {\"status\": \"affected\", \"version\": \"42.4.1.22032\"}, {\"status\": \"affected\", \"version\": \"42.5.0.22259\"}, {\"status\": \"affected\", \"version\": \"42.6\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22565\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22645\"}, {\"status\": \"affected\", \"version\": \"42.7\"}, {\"status\": \"affected\", \"version\": \"42.7.0.22904\"}, {\"status\": \"affected\", \"version\": \"42.7.0.23054\"}, {\"status\": \"affected\", \"version\": \"42.8\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23214\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23281\"}, {\"status\": \"affected\", \"version\": \"42.9\"}, {\"status\": \"affected\", \"version\": \"42.9.0.23494\"}, {\"status\": \"affected\", \"version\": \"43.1\"}, {\"status\": \"affected\", \"version\": \"43.1.0.24716\"}, {\"status\": \"affected\", \"version\": \"43.2\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25157\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25211\"}, {\"status\": \"affected\", \"version\": \"43.3\"}, {\"status\": \"affected\", \"version\": \"43.3.0.25468\"}, {\"status\": \"affected\", \"version\": \"43.4\"}, {\"status\": \"affected\", \"version\": \"43.4.0.25788\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-18T13:15:14.500Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-20395\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"cisco\", \"dateReserved\": \"2023-11-08T15:08:07.659Z\", \"datePublished\": \"2024-07-17T16:32:07.102Z\", \"dateUpdated\": \"2024-07-18T13:23:45.549Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…