var-201805-0523
Vulnerability from variot
A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WRF Player. An attacker could exploit this vulnerability by utilizing a maliciously crafted file that could bypass checks in the code and enable an attacker to read memory from outside the bounds of the mapped file. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCvh89107, CSCvh89113, CSCvh89132, CSCvh89142. Vendors have confirmed this vulnerability Bug ID CSCvh89107 , CSCvh89113 , CSCvh89132 ,and CSCvh89142 It is released as.Information may be obtained. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger a read past the end of a mapped view of a file. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0523",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "t31.20"
},
{
"model": "webex meetings online",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "t31.20.2"
},
{
"model": "webex",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex wrf player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "BID",
"id": "104091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0288"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
}
],
"trust": 1.4
},
"cve": "CVE-2018-0288",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2018-0288",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 1.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-0288",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-118490",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-0288",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-0288",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2018-0288",
"trust": 1.4,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-073",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-118490",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "VULHUB",
"id": "VHN-118490"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WRF Player. An attacker could exploit this vulnerability by utilizing a maliciously crafted file that could bypass checks in the code and enable an attacker to read memory from outside the bounds of the mapped file. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCvh89107, CSCvh89113, CSCvh89132, CSCvh89142. Vendors have confirmed this vulnerability Bug ID CSCvh89107 , CSCvh89113 , CSCvh89132 ,and CSCvh89142 It is released as.Information may be obtained. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger a read past the end of a mapped view of a file. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "BID",
"id": "104091"
},
{
"db": "VULHUB",
"id": "VHN-118490"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0288",
"trust": 4.2
},
{
"db": "BID",
"id": "104091",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1040825",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5599",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-425",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5598",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-424",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-118490",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "VULHUB",
"id": "VHN-118490"
},
{
"db": "BID",
"id": "104091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"id": "VAR-201805-0523",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-118490"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:18:51.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id"
},
{
"title": "cisco-sa-20180502-webex-id",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id#vp"
},
{
"title": "Cisco WebEx Business Suite meeting sites and WebEx Meetings sites WebEx Recording Format Player Information disclosure vulnerability Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79809"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118490"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104091"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1040825"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0288"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0288"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "VULHUB",
"id": "VHN-118490"
},
{
"db": "BID",
"id": "104091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"db": "VULHUB",
"id": "VHN-118490"
},
{
"db": "BID",
"id": "104091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-14T00:00:00",
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"date": "2018-05-14T00:00:00",
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"date": "2018-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-118490"
},
{
"date": "2018-05-02T00:00:00",
"db": "BID",
"id": "104091"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"date": "2018-05-02T22:29:01.387000",
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"date": "2018-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-14T00:00:00",
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"date": "2018-05-14T00:00:00",
"db": "ZDI",
"id": "ZDI-18-424"
},
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-118490"
},
{
"date": "2018-05-02T00:00:00",
"db": "BID",
"id": "104091"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004923"
},
{
"date": "2020-09-04T18:34:06.920000",
"db": "NVD",
"id": "CVE-2018-0288"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WebEx Recorder and Player WRF File Length Field Out-Of-Bounds Read Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-425"
},
{
"db": "ZDI",
"id": "ZDI-18-424"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-073"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.