CVE-2017-12367
Last modified
CVE-2017-12367 is a vulnerability of currently unknown severity. A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. EPSS estimates a 2.83% chance of exploitation in the next 30 days.
Description
A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCve11545, CSCve02843, CSCve11548.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | t29 |
| Cisco | Webex Meetings Server | t30 |
| Cisco | Webex Meetings Server | t31.11.2 |
References
- http://www.securityfocus.com/bid/102017Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039895Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/102017Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039895Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-12367?
How severe is CVE-2017-12367?
How do I fix CVE-2017-12367?
Are you affected by CVE-2017-12367?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST