cve-2024-20395
Vulnerability from cvelistv5
Published
2024-07-17 16:32
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.
This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex Teams |
Version: 3.0.13464.0 Version: 3.0.13538.0 Version: 3.0.13588.0 Version: 3.0.14154.0 Version: 3.0.14234.0 Version: 3.0.14375.0 Version: 3.0.14741.0 Version: 3.0.14866.0 Version: 3.0.15015.0 Version: 3.0.15036.0 Version: 3.0.15092.0 Version: 3.0.15131.0 Version: 3.0.15164.0 Version: 3.0.15221.0 Version: 3.0.15333.0 Version: 3.0.15410.0 Version: 3.0.15485.0 Version: 3.0.15645.0 Version: 3.0.15711.0 Version: 3.0.16040.0 Version: 3.0.16269.0 Version: 3.0.16273.0 Version: 3.0.16285.0 Version: 4.0 Version: 4.1 Version: 4.10 Version: 4.12 Version: 4.13 Version: 4.14 Version: 4.15 Version: 4.16 Version: 4.17 Version: 4.18 Version: 4.19 Version: 4.2 Version: 4.20 Version: 4.3 Version: 4.4 Version: 4.5 Version: 4.6 Version: 4.8 Version: 4.9 Version: 4.1.57 Version: 4.1.92 Version: 4.10.343 Version: 4.11.211 Version: 4.12.236 Version: 4.13.200 Version: 4.2.42 Version: 4.2.75 Version: 4.5.224 Version: 4.6.197 Version: 4.7.78 Version: 4.8.170 Version: 4.9.205 Version: 4.9.252 Version: 4.9.269 Version: 42.1.0.169 Version: 42.1.0.21190 Version: 42.1.0.2219 Version: 42.10 Version: 42.10.0.23814 Version: 42.10.0.24000 Version: 42.11 Version: 42.11.0.24187 Version: 42.12 Version: 42.12.0.24485 Version: 42.2 Version: 42.2.0.21338 Version: 42.2.0.21486 Version: 42.3 Version: 42.3.0.21576 Version: 42.4.1.22032 Version: 42.5.0.22259 Version: 42.6 Version: 42.6.0.22565 Version: 42.6.0.22645 Version: 42.7 Version: 42.7.0.22904 Version: 42.7.0.23054 Version: 42.8 Version: 42.8.0.23214 Version: 42.8.0.23281 Version: 42.9 Version: 42.9.0.23494 Version: 43.1 Version: 43.1.0.24716 Version: 43.2 Version: 43.2.0.25157 Version: 43.2.0.25211 Version: 43.3 Version: 43.3.0.25468 Version: 43.4 Version: 43.4.0.25788 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webex_teams",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T03:55:23.962265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T13:23:45.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Webex Teams",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-523",
"description": "Unprotected Transport of Credentials",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T16:32:07.102Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"source": {
"advisory": "cisco-sa-webex-app-ZjNm8X8j",
"defects": [
"CSCwj36941",
"CSCwj36943"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20395",
"datePublished": "2024-07-17T16:32:07.102Z",
"dateReserved": "2023-11-08T15:08:07.659Z",
"dateUpdated": "2024-08-01T21:59:42.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20395\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2024-07-17T17:15:12.833\",\"lastModified\":\"2024-11-21T08:52:32.550\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de recuperaci\u00f3n de medios de la aplicaci\u00f3n Cisco Webex podr\u00eda permitir que un atacante adyacente no autenticado obtenga acceso a informaci\u00f3n confidencial de la sesi\u00f3n. Esta vulnerabilidad se debe a la transmisi\u00f3n insegura de solicitudes a servicios de backend cuando la aplicaci\u00f3n accede a medios integrados, como im\u00e1genes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje con medios integrados almacenados en un servidor de mensajer\u00eda a un usuario objetivo. Si el atacante puede observar el tr\u00e1fico transmitido en una posici\u00f3n privilegiada de la red, una explotaci\u00f3n exitosa podr\u00eda permitirle capturar informaci\u00f3n del token de sesi\u00f3n de solicitudes transmitidas de manera insegura y posiblemente reutilizar la informaci\u00f3n de la sesi\u00f3n capturada para tomar acciones adicionales como el usuario objetivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-523\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-07-17T16:32:07.102Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Webex Teams\", \"versions\": [{\"version\": \"3.0.13464.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13538.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13588.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14154.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14234.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14375.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14741.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14866.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15015.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15036.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15092.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15131.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15164.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15221.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15333.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15410.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15485.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15645.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15711.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16040.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16269.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16273.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16285.0\", \"status\": \"affected\"}, {\"version\": \"4.0\", \"status\": \"affected\"}, {\"version\": \"4.1\", \"status\": \"affected\"}, {\"version\": \"4.10\", \"status\": \"affected\"}, {\"version\": \"4.12\", \"status\": \"affected\"}, {\"version\": \"4.13\", \"status\": \"affected\"}, {\"version\": \"4.14\", \"status\": \"affected\"}, {\"version\": \"4.15\", \"status\": \"affected\"}, {\"version\": \"4.16\", \"status\": \"affected\"}, {\"version\": \"4.17\", \"status\": \"affected\"}, {\"version\": \"4.18\", \"status\": \"affected\"}, {\"version\": \"4.19\", \"status\": \"affected\"}, {\"version\": \"4.2\", \"status\": \"affected\"}, {\"version\": \"4.20\", \"status\": \"affected\"}, {\"version\": \"4.3\", \"status\": \"affected\"}, {\"version\": \"4.4\", \"status\": \"affected\"}, {\"version\": \"4.5\", \"status\": \"affected\"}, {\"version\": \"4.6\", \"status\": \"affected\"}, {\"version\": \"4.8\", \"status\": \"affected\"}, {\"version\": \"4.9\", \"status\": \"affected\"}, {\"version\": \"4.1.57\", \"status\": \"affected\"}, {\"version\": \"4.1.92\", \"status\": \"affected\"}, {\"version\": \"4.10.343\", \"status\": \"affected\"}, {\"version\": \"4.11.211\", \"status\": \"affected\"}, {\"version\": \"4.12.236\", \"status\": \"affected\"}, {\"version\": \"4.13.200\", \"status\": \"affected\"}, {\"version\": \"4.2.42\", \"status\": \"affected\"}, {\"version\": \"4.2.75\", \"status\": \"affected\"}, {\"version\": \"4.5.224\", \"status\": \"affected\"}, {\"version\": \"4.6.197\", \"status\": \"affected\"}, {\"version\": \"4.7.78\", \"status\": \"affected\"}, {\"version\": \"4.8.170\", \"status\": \"affected\"}, {\"version\": \"4.9.205\", \"status\": \"affected\"}, {\"version\": \"4.9.252\", \"status\": \"affected\"}, {\"version\": \"4.9.269\", \"status\": \"affected\"}, {\"version\": \"42.1.0.169\", \"status\": \"affected\"}, {\"version\": \"42.1.0.21190\", \"status\": \"affected\"}, {\"version\": \"42.1.0.2219\", \"status\": \"affected\"}, {\"version\": \"42.10\", \"status\": \"affected\"}, {\"version\": \"42.10.0.23814\", \"status\": \"affected\"}, {\"version\": \"42.10.0.24000\", \"status\": \"affected\"}, {\"version\": \"42.11\", \"status\": \"affected\"}, {\"version\": \"42.11.0.24187\", \"status\": \"affected\"}, {\"version\": \"42.12\", \"status\": \"affected\"}, {\"version\": \"42.12.0.24485\", \"status\": \"affected\"}, {\"version\": \"42.2\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21338\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21486\", \"status\": \"affected\"}, {\"version\": \"42.3\", \"status\": \"affected\"}, {\"version\": \"42.3.0.21576\", \"status\": \"affected\"}, {\"version\": \"42.4.1.22032\", \"status\": \"affected\"}, {\"version\": \"42.5.0.22259\", \"status\": \"affected\"}, {\"version\": \"42.6\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22565\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22645\", \"status\": \"affected\"}, {\"version\": \"42.7\", \"status\": \"affected\"}, {\"version\": \"42.7.0.22904\", \"status\": \"affected\"}, {\"version\": \"42.7.0.23054\", \"status\": \"affected\"}, {\"version\": \"42.8\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23214\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23281\", \"status\": \"affected\"}, {\"version\": \"42.9\", \"status\": \"affected\"}, {\"version\": \"42.9.0.23494\", \"status\": \"affected\"}, {\"version\": \"43.1\", \"status\": \"affected\"}, {\"version\": \"43.1.0.24716\", \"status\": \"affected\"}, {\"version\": \"43.2\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25157\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25211\", \"status\": \"affected\"}, {\"version\": \"43.3\", \"status\": \"affected\"}, {\"version\": \"43.3.0.25468\", \"status\": \"affected\"}, {\"version\": \"43.4\", \"status\": \"affected\"}, {\"version\": \"43.4.0.25788\", \"status\": \"affected\"}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Unprotected Transport of Credentials\", \"type\": \"cwe\", \"cweId\": \"CWE-523\"}]}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\", \"name\": \"cisco-sa-webex-app-ZjNm8X8j\"}], \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"source\": {\"advisory\": \"cisco-sa-webex-app-ZjNm8X8j\", \"discovery\": \"EXTERNAL\", \"defects\": [\"CSCwj36941\", \"CSCwj36943\"]}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20395\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-18T03:55:23.962265Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"webex_teams\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.13464.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13538.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13588.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14154.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14234.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14375.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14741.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14866.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15015.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15036.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15092.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15131.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15164.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15221.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15333.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15410.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15485.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15645.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15711.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16040.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16269.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16273.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16285.0\"}, {\"status\": \"affected\", \"version\": \"4.0\"}, {\"status\": \"affected\", \"version\": \"4.1\"}, {\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"affected\", \"version\": \"4.12\"}, {\"status\": \"affected\", \"version\": \"4.13\"}, {\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"affected\", \"version\": \"4.15\"}, {\"status\": \"affected\", \"version\": \"4.16\"}, {\"status\": \"affected\", \"version\": \"4.17\"}, {\"status\": \"affected\", \"version\": \"4.18\"}, {\"status\": \"affected\", \"version\": \"4.19\"}, {\"status\": \"affected\", \"version\": \"4.2\"}, {\"status\": \"affected\", \"version\": \"4.20\"}, {\"status\": \"affected\", \"version\": \"4.3\"}, {\"status\": \"affected\", \"version\": \"4.4\"}, {\"status\": \"affected\", \"version\": \"4.5\"}, {\"status\": \"affected\", \"version\": \"4.6\"}, {\"status\": \"affected\", \"version\": \"4.8\"}, {\"status\": \"affected\", \"version\": \"4.9\"}, {\"status\": \"affected\", \"version\": \"4.1.57\"}, {\"status\": \"affected\", \"version\": \"4.1.92\"}, {\"status\": \"affected\", \"version\": \"4.10.343\"}, {\"status\": \"affected\", \"version\": \"4.11.211\"}, {\"status\": \"affected\", \"version\": \"4.12.236\"}, {\"status\": \"affected\", \"version\": \"4.13.200\"}, {\"status\": \"affected\", \"version\": \"4.2.42\"}, {\"status\": \"affected\", \"version\": \"4.2.75\"}, {\"status\": \"affected\", \"version\": \"4.5.224\"}, {\"status\": \"affected\", \"version\": \"4.6.197\"}, {\"status\": \"affected\", \"version\": \"4.7.78\"}, {\"status\": \"affected\", \"version\": \"4.8.170\"}, {\"status\": \"affected\", \"version\": \"4.9.205\"}, {\"status\": \"affected\", \"version\": \"4.9.252\"}, {\"status\": \"affected\", \"version\": \"4.9.269\"}, {\"status\": \"affected\", \"version\": \"42.1.0.169\"}, {\"status\": \"affected\", \"version\": \"42.1.0.21190\"}, {\"status\": \"affected\", \"version\": \"42.1.0.2219\"}, {\"status\": \"affected\", \"version\": \"42.10\"}, {\"status\": \"affected\", \"version\": \"42.10.0.23814\"}, {\"status\": \"affected\", \"version\": \"42.10.0.24000\"}, {\"status\": \"affected\", \"version\": \"42.11\"}, {\"status\": \"affected\", \"version\": \"42.11.0.24187\"}, {\"status\": \"affected\", \"version\": \"42.12\"}, {\"status\": \"affected\", \"version\": \"42.12.0.24485\"}, {\"status\": \"affected\", \"version\": \"42.2\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21338\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21486\"}, {\"status\": \"affected\", \"version\": \"42.3\"}, {\"status\": \"affected\", \"version\": \"42.3.0.21576\"}, {\"status\": \"affected\", \"version\": \"42.4.1.22032\"}, {\"status\": \"affected\", \"version\": \"42.5.0.22259\"}, {\"status\": \"affected\", \"version\": \"42.6\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22565\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22645\"}, {\"status\": \"affected\", \"version\": \"42.7\"}, {\"status\": \"affected\", \"version\": \"42.7.0.22904\"}, {\"status\": \"affected\", \"version\": \"42.7.0.23054\"}, {\"status\": \"affected\", \"version\": \"42.8\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23214\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23281\"}, {\"status\": \"affected\", \"version\": \"42.9\"}, {\"status\": \"affected\", \"version\": \"42.9.0.23494\"}, {\"status\": \"affected\", \"version\": \"43.1\"}, {\"status\": \"affected\", \"version\": \"43.1.0.24716\"}, {\"status\": \"affected\", \"version\": \"43.2\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25157\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25211\"}, {\"status\": \"affected\", \"version\": \"43.3\"}, {\"status\": \"affected\", \"version\": \"43.3.0.25468\"}, {\"status\": \"affected\", \"version\": \"43.4\"}, {\"status\": \"affected\", \"version\": \"43.4.0.25788\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-18T13:15:14.500Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-20395\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"cisco\", \"dateReserved\": \"2023-11-08T15:08:07.659Z\", \"datePublished\": \"2024-07-17T16:32:07.102Z\", \"dateUpdated\": \"2024-07-18T13:23:45.549Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.