AnsweredAssumed Answered

I got this QIDs 370468 and 370286 regarding Chrome WebEx vulnerability- what sort of mitigating controls could we implement on this one? THANKS!

Question asked by Rommel Abrau on Dec 4, 2019
Latest reply on Dec 5, 2019 by Rommel Abrau

A vulnerability in Cisco WebEx browser extensions can allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Meetings Center when they are running on Microsoft Windows. The vulnerability is due to a design defect in an application programing interface (API) response parser within the plugin. Affected Software: Cisco WebEx browser extension prior to 1.0.7