CVE-2024-20395 (GCVE-0-2024-20395)
Vulnerability from cvelistv5
Published
2024-07-17 16:32
Modified
2024-08-01 21:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-523 - Unprotected Transport of Credentials
Summary
A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.
This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.
References
| URL | Tags | ||
|---|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex Teams |
Version: 3.0.13464.0 Version: 3.0.13538.0 Version: 3.0.13588.0 Version: 3.0.14154.0 Version: 3.0.14234.0 Version: 3.0.14375.0 Version: 3.0.14741.0 Version: 3.0.14866.0 Version: 3.0.15015.0 Version: 3.0.15036.0 Version: 3.0.15092.0 Version: 3.0.15131.0 Version: 3.0.15164.0 Version: 3.0.15221.0 Version: 3.0.15333.0 Version: 3.0.15410.0 Version: 3.0.15485.0 Version: 3.0.15645.0 Version: 3.0.15711.0 Version: 3.0.16040.0 Version: 3.0.16269.0 Version: 3.0.16273.0 Version: 3.0.16285.0 Version: 4.0 Version: 4.1 Version: 4.10 Version: 4.12 Version: 4.13 Version: 4.14 Version: 4.15 Version: 4.16 Version: 4.17 Version: 4.18 Version: 4.19 Version: 4.2 Version: 4.20 Version: 4.3 Version: 4.4 Version: 4.5 Version: 4.6 Version: 4.8 Version: 4.9 Version: 4.1.57 Version: 4.1.92 Version: 4.10.343 Version: 4.11.211 Version: 4.12.236 Version: 4.13.200 Version: 4.2.42 Version: 4.2.75 Version: 4.5.224 Version: 4.6.197 Version: 4.7.78 Version: 4.8.170 Version: 4.9.205 Version: 4.9.252 Version: 4.9.269 Version: 42.1.0.169 Version: 42.1.0.21190 Version: 42.1.0.2219 Version: 42.10 Version: 42.10.0.23814 Version: 42.10.0.24000 Version: 42.11 Version: 42.11.0.24187 Version: 42.12 Version: 42.12.0.24485 Version: 42.2 Version: 42.2.0.21338 Version: 42.2.0.21486 Version: 42.3 Version: 42.3.0.21576 Version: 42.4.1.22032 Version: 42.5.0.22259 Version: 42.6 Version: 42.6.0.22565 Version: 42.6.0.22645 Version: 42.7 Version: 42.7.0.22904 Version: 42.7.0.23054 Version: 42.8 Version: 42.8.0.23214 Version: 42.8.0.23281 Version: 42.9 Version: 42.9.0.23494 Version: 43.1 Version: 43.1.0.24716 Version: 43.2 Version: 43.2.0.25157 Version: 43.2.0.25211 Version: 43.3 Version: 43.3.0.25468 Version: 43.4 Version: 43.4.0.25788 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webex_teams",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T03:55:23.962265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T13:23:45.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Webex Teams",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.13464.0"
},
{
"status": "affected",
"version": "3.0.13538.0"
},
{
"status": "affected",
"version": "3.0.13588.0"
},
{
"status": "affected",
"version": "3.0.14154.0"
},
{
"status": "affected",
"version": "3.0.14234.0"
},
{
"status": "affected",
"version": "3.0.14375.0"
},
{
"status": "affected",
"version": "3.0.14741.0"
},
{
"status": "affected",
"version": "3.0.14866.0"
},
{
"status": "affected",
"version": "3.0.15015.0"
},
{
"status": "affected",
"version": "3.0.15036.0"
},
{
"status": "affected",
"version": "3.0.15092.0"
},
{
"status": "affected",
"version": "3.0.15131.0"
},
{
"status": "affected",
"version": "3.0.15164.0"
},
{
"status": "affected",
"version": "3.0.15221.0"
},
{
"status": "affected",
"version": "3.0.15333.0"
},
{
"status": "affected",
"version": "3.0.15410.0"
},
{
"status": "affected",
"version": "3.0.15485.0"
},
{
"status": "affected",
"version": "3.0.15645.0"
},
{
"status": "affected",
"version": "3.0.15711.0"
},
{
"status": "affected",
"version": "3.0.16040.0"
},
{
"status": "affected",
"version": "3.0.16269.0"
},
{
"status": "affected",
"version": "3.0.16273.0"
},
{
"status": "affected",
"version": "3.0.16285.0"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.10"
},
{
"status": "affected",
"version": "4.12"
},
{
"status": "affected",
"version": "4.13"
},
{
"status": "affected",
"version": "4.14"
},
{
"status": "affected",
"version": "4.15"
},
{
"status": "affected",
"version": "4.16"
},
{
"status": "affected",
"version": "4.17"
},
{
"status": "affected",
"version": "4.18"
},
{
"status": "affected",
"version": "4.19"
},
{
"status": "affected",
"version": "4.2"
},
{
"status": "affected",
"version": "4.20"
},
{
"status": "affected",
"version": "4.3"
},
{
"status": "affected",
"version": "4.4"
},
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6"
},
{
"status": "affected",
"version": "4.8"
},
{
"status": "affected",
"version": "4.9"
},
{
"status": "affected",
"version": "4.1.57"
},
{
"status": "affected",
"version": "4.1.92"
},
{
"status": "affected",
"version": "4.10.343"
},
{
"status": "affected",
"version": "4.11.211"
},
{
"status": "affected",
"version": "4.12.236"
},
{
"status": "affected",
"version": "4.13.200"
},
{
"status": "affected",
"version": "4.2.42"
},
{
"status": "affected",
"version": "4.2.75"
},
{
"status": "affected",
"version": "4.5.224"
},
{
"status": "affected",
"version": "4.6.197"
},
{
"status": "affected",
"version": "4.7.78"
},
{
"status": "affected",
"version": "4.8.170"
},
{
"status": "affected",
"version": "4.9.205"
},
{
"status": "affected",
"version": "4.9.252"
},
{
"status": "affected",
"version": "4.9.269"
},
{
"status": "affected",
"version": "42.1.0.169"
},
{
"status": "affected",
"version": "42.1.0.21190"
},
{
"status": "affected",
"version": "42.1.0.2219"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.10.0.23814"
},
{
"status": "affected",
"version": "42.10.0.24000"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.11.0.24187"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "42.12.0.24485"
},
{
"status": "affected",
"version": "42.2"
},
{
"status": "affected",
"version": "42.2.0.21338"
},
{
"status": "affected",
"version": "42.2.0.21486"
},
{
"status": "affected",
"version": "42.3"
},
{
"status": "affected",
"version": "42.3.0.21576"
},
{
"status": "affected",
"version": "42.4.1.22032"
},
{
"status": "affected",
"version": "42.5.0.22259"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.6.0.22565"
},
{
"status": "affected",
"version": "42.6.0.22645"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.7.0.22904"
},
{
"status": "affected",
"version": "42.7.0.23054"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.8.0.23214"
},
{
"status": "affected",
"version": "42.8.0.23281"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.9.0.23494"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.1.0.24716"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.2.0.25157"
},
{
"status": "affected",
"version": "43.2.0.25211"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.3.0.25468"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.0.25788"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-523",
"description": "Unprotected Transport of Credentials",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T16:32:07.102Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-app-ZjNm8X8j",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j"
}
],
"source": {
"advisory": "cisco-sa-webex-app-ZjNm8X8j",
"defects": [
"CSCwj36941",
"CSCwj36943"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20395",
"datePublished": "2024-07-17T16:32:07.102Z",
"dateReserved": "2023-11-08T15:08:07.659Z",
"dateUpdated": "2024-08-01T21:59:42.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-20395\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2024-07-17T17:15:12.833\",\"lastModified\":\"2025-07-31T16:04:57.460\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de recuperaci\u00f3n de medios de la aplicaci\u00f3n Cisco Webex podr\u00eda permitir que un atacante adyacente no autenticado obtenga acceso a informaci\u00f3n confidencial de la sesi\u00f3n. Esta vulnerabilidad se debe a la transmisi\u00f3n insegura de solicitudes a servicios de backend cuando la aplicaci\u00f3n accede a medios integrados, como im\u00e1genes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje con medios integrados almacenados en un servidor de mensajer\u00eda a un usuario objetivo. Si el atacante puede observar el tr\u00e1fico transmitido en una posici\u00f3n privilegiada de la red, una explotaci\u00f3n exitosa podr\u00eda permitirle capturar informaci\u00f3n del token de sesi\u00f3n de solicitudes transmitidas de manera insegura y posiblemente reutilizar la informaci\u00f3n de la sesi\u00f3n capturada para tomar acciones adicionales como el usuario objetivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-523\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A0731376-1EF1-4361-89D9-6B2C0B64370E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8289243E-6CEC-43EC-B65C-9EA5E909D951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F25EF33F-1164-4A67-B60B-EB6467DE9D9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C66338FC-7D39-459A-A42B-E26E9181C436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8C1AAA94-BE6C-4092-8770-F2F646B79E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FA788BAC-1DC0-42E4-BA10-2A89934E84F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A6DDBEE5-D11F-4BFF-9A5C-028407FBAA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4499D4FB-FC7C-4974-8343-57B2CAE63136\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"E7CA0AAA-E188-4750-81B1-39B191551FA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"90657271-CDE4-4BCE-9382-0CF7A93B97D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"9E2928B4-6CA9-4CB4-9AAB-036974746EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5134AE77-8890-422F-8328-0676FB4D863C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B72A2ADC-98EE-4EE2-8EDD-8D24432526AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FB34AF13-AACA-450A-B55B-91D87AE36453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"50B3FEE3-C3F2-4134-931F-CAD806F87156\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4E2C3B35-124E-45B7-9EBC-EF1507CAAEC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6483C20E-E95D-443E-9C0E-8FFA0A54292D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"AA1D8B71-94F1-438B-98FD-2F7A17CF7663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FC5DC5E2-4FAB-4C7C-915F-0310A85A90B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"33A4716E-0A8E-450C-8A23-99EC4818CA8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FFD800A7-5E0A-463D-95F8-543DBECCCB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"57EBA9CF-6588-40D1-BF98-A3189E0BD8AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"44405865-5EE6-4AFE-BE55-ED149A614C1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"884A4E78-54EE-49F1-B414-D67498B61015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"541722A6-CA34-4999-891C-9245F9958F9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"607A5868-98E7-4693-9E86-EBD48764A06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6538CBC9-0BFA-4DB3-A754-3B770E3230CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F6030AFD-E170-42E2-9C13-588AA08BE560\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DDCAF3B6-251B-4468-9A84-8E7204EFE065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0547F801-29FE-4AB5-AA6B-478920062928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4753283B-14DA-42A8-8577-084067645E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"D1E4DAE5-03B4-409F-B1F0-D325F7743063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BB84CCC7-0BA0-4FDE-A8B9-0C83967D1769\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4027766A-85CF-4BF7-9FEA-04DED535DBD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7F114421-1DA7-47F6-A3B1-9B739B3B78ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CEA1CE45-C406-45DD-AEEE-5E5FE4C52091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1F5891B7-C9FA-4BF6-BC5D-D2CFC8A28CE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"831FC631-4D0D-424A-A743-E0EF2240853D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CB1D62ED-0FB0-423B-AB3A-ECBBCE1D750E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"451837E9-1C00-4AEE-9CBA-0BCD62F10EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"89E775E8-CF8E-412E-91FB-FE4FBE4E8875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DF746917-7BD5-4111-86FA-E3A7C66B7D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FD2EFE51-A37B-431B-BB7D-F61F42F66513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"82F843BE-035F-41DE-B875-96412D40E633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"34AEDBA9-436A-4FFF-B32E-4D8EEE07E1E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"17C5AF29-BCDB-47F5-A33A-121D8709D1DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C0F8C917-86F7-41B4-8952-EE60F39705FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B87F5E8E-0B62-4F44-968C-848C8844911C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4F9169C8-D677-4550-BB1D-661BCE66A6E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5751F200-C070-4F38-9A49-CD0C81890663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"C9E2FE4F-2A69-4516-A507-5E0804186D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8FA482C9-BEA4-4CB3-9FA0-7F49F9994817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"D43460DB-12F9-44CA-8F2B-043C0BA90462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F52C9271-5B79-4AA2-B0BD-1920A746C874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BDE335B1-47B3-4B6A-9348-4C09F638F6D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0FD7D1F8-DAC9-4A82-ADCF-1B28B036A097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2B28E8FB-339C-47BE-A0ED-F499C50F0F19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7C8BB483-0BB1-4415-8DE3-0817AD0F05C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"08FA3F4E-1DD9-40CA-82FB-42B3451CB50E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"BDC16500-BE29-4F48-B10F-CF1A5E5170BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8482BEDC-AA74-4DA4-919E-0A4F57551F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DC462FE6-D300-4A60-9A39-366420CA2930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"A3C5E73E-6AFE-4A40-920A-7C511477AAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"27A08866-6C64-41CF-A228-F838CF3A0370\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"8671E430-9610-475B-A42B-23D9B389531F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"B6C446D7-7700-448A-B9CE-99F8E4E5D119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6A5BBD96-10D5-4E7D-92D5-924C87146450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"7494FC8F-E36D-49D3-8BCB-F51C14B125CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0933FFB3-20B9-4911-868B-27A6ACBE1E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"9BFA48AE-1685-407B-8917-7F277657D3D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"501BAD21-7B5E-4E7D-8CC7-86828124AF5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"61DAC3AC-AE37-43C3-B65C-CC513E90E069\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"DC18AF9B-AC2F-4183-8021-BF08026FA33B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EF1964F5-CCEC-4D0C-94D1-3F83726CB5A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"798FCD25-77F4-4625-91D5-E1BBE353B7C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CF286711-7D09-4125-BDCE-6FCC520A54B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"01ED5949-173F-42A6-A0B0-67C47125F966\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1EB7D461-BFF7-4D4A-A6B4-BCF290379076\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2C29410E-7B91-40DC-8AD2-C30A9162E822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"E4B6854B-7843-4FBF-81AA-ABA6145F8458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"16D9C9E7-98B3-4A6A-AC48-F8E7C18CA1FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"573337DC-A95D-4720-9637-3BE590410FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"1C54D0AC-F9EC-4FA7-9BA6-6DBDC3743C64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"CF2E05E2-B6B6-419D-BE2F-BFB743EFB619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5FB14348-E1EE-43E6-A66E-23B78E805DFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"97A7514D-3BEF-4895-B313-E38D0EA4ABCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"F0AA0F07-C8DF-4AC1-8799-0D2612FA65E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0BF47256-96E9-46C3-BCA0-80A0A0077AF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EAC1AE74-F875-4161-95A3-102E5AC35015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"60571D58-E948-4F17-9A9B-7F853D85C995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"4B33A187-3E22-4A56-8E3D-6AB7218099A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"5356285B-A3C2-45D2-BE88-41B3F27DD294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"19D33A9F-0EF2-4CB2-B085-AFB46DBBE4F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"ED47DCB3-FABB-4AAE-A565-09A13693E5F9\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-07-17T16:32:07.102Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\\r\\n\\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.\"}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Webex Teams\", \"versions\": [{\"version\": \"3.0.13464.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13538.0\", \"status\": \"affected\"}, {\"version\": \"3.0.13588.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14154.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14234.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14375.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14741.0\", \"status\": \"affected\"}, {\"version\": \"3.0.14866.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15015.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15036.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15092.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15131.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15164.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15221.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15333.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15410.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15485.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15645.0\", \"status\": \"affected\"}, {\"version\": \"3.0.15711.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16040.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16269.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16273.0\", \"status\": \"affected\"}, {\"version\": \"3.0.16285.0\", \"status\": \"affected\"}, {\"version\": \"4.0\", \"status\": \"affected\"}, {\"version\": \"4.1\", \"status\": \"affected\"}, {\"version\": \"4.10\", \"status\": \"affected\"}, {\"version\": \"4.12\", \"status\": \"affected\"}, {\"version\": \"4.13\", \"status\": \"affected\"}, {\"version\": \"4.14\", \"status\": \"affected\"}, {\"version\": \"4.15\", \"status\": \"affected\"}, {\"version\": \"4.16\", \"status\": \"affected\"}, {\"version\": \"4.17\", \"status\": \"affected\"}, {\"version\": \"4.18\", \"status\": \"affected\"}, {\"version\": \"4.19\", \"status\": \"affected\"}, {\"version\": \"4.2\", \"status\": \"affected\"}, {\"version\": \"4.20\", \"status\": \"affected\"}, {\"version\": \"4.3\", \"status\": \"affected\"}, {\"version\": \"4.4\", \"status\": \"affected\"}, {\"version\": \"4.5\", \"status\": \"affected\"}, {\"version\": \"4.6\", \"status\": \"affected\"}, {\"version\": \"4.8\", \"status\": \"affected\"}, {\"version\": \"4.9\", \"status\": \"affected\"}, {\"version\": \"4.1.57\", \"status\": \"affected\"}, {\"version\": \"4.1.92\", \"status\": \"affected\"}, {\"version\": \"4.10.343\", \"status\": \"affected\"}, {\"version\": \"4.11.211\", \"status\": \"affected\"}, {\"version\": \"4.12.236\", \"status\": \"affected\"}, {\"version\": \"4.13.200\", \"status\": \"affected\"}, {\"version\": \"4.2.42\", \"status\": \"affected\"}, {\"version\": \"4.2.75\", \"status\": \"affected\"}, {\"version\": \"4.5.224\", \"status\": \"affected\"}, {\"version\": \"4.6.197\", \"status\": \"affected\"}, {\"version\": \"4.7.78\", \"status\": \"affected\"}, {\"version\": \"4.8.170\", \"status\": \"affected\"}, {\"version\": \"4.9.205\", \"status\": \"affected\"}, {\"version\": \"4.9.252\", \"status\": \"affected\"}, {\"version\": \"4.9.269\", \"status\": \"affected\"}, {\"version\": \"42.1.0.169\", \"status\": \"affected\"}, {\"version\": \"42.1.0.21190\", \"status\": \"affected\"}, {\"version\": \"42.1.0.2219\", \"status\": \"affected\"}, {\"version\": \"42.10\", \"status\": \"affected\"}, {\"version\": \"42.10.0.23814\", \"status\": \"affected\"}, {\"version\": \"42.10.0.24000\", \"status\": \"affected\"}, {\"version\": \"42.11\", \"status\": \"affected\"}, {\"version\": \"42.11.0.24187\", \"status\": \"affected\"}, {\"version\": \"42.12\", \"status\": \"affected\"}, {\"version\": \"42.12.0.24485\", \"status\": \"affected\"}, {\"version\": \"42.2\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21338\", \"status\": \"affected\"}, {\"version\": \"42.2.0.21486\", \"status\": \"affected\"}, {\"version\": \"42.3\", \"status\": \"affected\"}, {\"version\": \"42.3.0.21576\", \"status\": \"affected\"}, {\"version\": \"42.4.1.22032\", \"status\": \"affected\"}, {\"version\": \"42.5.0.22259\", \"status\": \"affected\"}, {\"version\": \"42.6\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22565\", \"status\": \"affected\"}, {\"version\": \"42.6.0.22645\", \"status\": \"affected\"}, {\"version\": \"42.7\", \"status\": \"affected\"}, {\"version\": \"42.7.0.22904\", \"status\": \"affected\"}, {\"version\": \"42.7.0.23054\", \"status\": \"affected\"}, {\"version\": \"42.8\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23214\", \"status\": \"affected\"}, {\"version\": \"42.8.0.23281\", \"status\": \"affected\"}, {\"version\": \"42.9\", \"status\": \"affected\"}, {\"version\": \"42.9.0.23494\", \"status\": \"affected\"}, {\"version\": \"43.1\", \"status\": \"affected\"}, {\"version\": \"43.1.0.24716\", \"status\": \"affected\"}, {\"version\": \"43.2\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25157\", \"status\": \"affected\"}, {\"version\": \"43.2.0.25211\", \"status\": \"affected\"}, {\"version\": \"43.3\", \"status\": \"affected\"}, {\"version\": \"43.3.0.25468\", \"status\": \"affected\"}, {\"version\": \"43.4\", \"status\": \"affected\"}, {\"version\": \"43.4.0.25788\", \"status\": \"affected\"}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Unprotected Transport of Credentials\", \"type\": \"cwe\", \"cweId\": \"CWE-523\"}]}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j\", \"name\": \"cisco-sa-webex-app-ZjNm8X8j\"}], \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"source\": {\"advisory\": \"cisco-sa-webex-app-ZjNm8X8j\", \"discovery\": \"EXTERNAL\", \"defects\": [\"CSCwj36941\", \"CSCwj36943\"]}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20395\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-18T03:55:23.962265Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*\", \"cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"webex_teams\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.13464.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13538.0\"}, {\"status\": \"affected\", \"version\": \"3.0.13588.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14154.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14234.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14375.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14741.0\"}, {\"status\": \"affected\", \"version\": \"3.0.14866.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15015.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15036.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15092.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15131.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15164.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15221.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15333.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15410.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15485.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15645.0\"}, {\"status\": \"affected\", \"version\": \"3.0.15711.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16040.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16269.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16273.0\"}, {\"status\": \"affected\", \"version\": \"3.0.16285.0\"}, {\"status\": \"affected\", \"version\": \"4.0\"}, {\"status\": \"affected\", \"version\": \"4.1\"}, {\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"affected\", \"version\": \"4.12\"}, {\"status\": \"affected\", \"version\": \"4.13\"}, {\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"affected\", \"version\": \"4.15\"}, {\"status\": \"affected\", \"version\": \"4.16\"}, {\"status\": \"affected\", \"version\": \"4.17\"}, {\"status\": \"affected\", \"version\": \"4.18\"}, {\"status\": \"affected\", \"version\": \"4.19\"}, {\"status\": \"affected\", \"version\": \"4.2\"}, {\"status\": \"affected\", \"version\": \"4.20\"}, {\"status\": \"affected\", \"version\": \"4.3\"}, {\"status\": \"affected\", \"version\": \"4.4\"}, {\"status\": \"affected\", \"version\": \"4.5\"}, {\"status\": \"affected\", \"version\": \"4.6\"}, {\"status\": \"affected\", \"version\": \"4.8\"}, {\"status\": \"affected\", \"version\": \"4.9\"}, {\"status\": \"affected\", \"version\": \"4.1.57\"}, {\"status\": \"affected\", \"version\": \"4.1.92\"}, {\"status\": \"affected\", \"version\": \"4.10.343\"}, {\"status\": \"affected\", \"version\": \"4.11.211\"}, {\"status\": \"affected\", \"version\": \"4.12.236\"}, {\"status\": \"affected\", \"version\": \"4.13.200\"}, {\"status\": \"affected\", \"version\": \"4.2.42\"}, {\"status\": \"affected\", \"version\": \"4.2.75\"}, {\"status\": \"affected\", \"version\": \"4.5.224\"}, {\"status\": \"affected\", \"version\": \"4.6.197\"}, {\"status\": \"affected\", \"version\": \"4.7.78\"}, {\"status\": \"affected\", \"version\": \"4.8.170\"}, {\"status\": \"affected\", \"version\": \"4.9.205\"}, {\"status\": \"affected\", \"version\": \"4.9.252\"}, {\"status\": \"affected\", \"version\": \"4.9.269\"}, {\"status\": \"affected\", \"version\": \"42.1.0.169\"}, {\"status\": \"affected\", \"version\": \"42.1.0.21190\"}, {\"status\": \"affected\", \"version\": \"42.1.0.2219\"}, {\"status\": \"affected\", \"version\": \"42.10\"}, {\"status\": \"affected\", \"version\": \"42.10.0.23814\"}, {\"status\": \"affected\", \"version\": \"42.10.0.24000\"}, {\"status\": \"affected\", \"version\": \"42.11\"}, {\"status\": \"affected\", \"version\": \"42.11.0.24187\"}, {\"status\": \"affected\", \"version\": \"42.12\"}, {\"status\": \"affected\", \"version\": \"42.12.0.24485\"}, {\"status\": \"affected\", \"version\": \"42.2\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21338\"}, {\"status\": \"affected\", \"version\": \"42.2.0.21486\"}, {\"status\": \"affected\", \"version\": \"42.3\"}, {\"status\": \"affected\", \"version\": \"42.3.0.21576\"}, {\"status\": \"affected\", \"version\": \"42.4.1.22032\"}, {\"status\": \"affected\", \"version\": \"42.5.0.22259\"}, {\"status\": \"affected\", \"version\": \"42.6\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22565\"}, {\"status\": \"affected\", \"version\": \"42.6.0.22645\"}, {\"status\": \"affected\", \"version\": \"42.7\"}, {\"status\": \"affected\", \"version\": \"42.7.0.22904\"}, {\"status\": \"affected\", \"version\": \"42.7.0.23054\"}, {\"status\": \"affected\", \"version\": \"42.8\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23214\"}, {\"status\": \"affected\", \"version\": \"42.8.0.23281\"}, {\"status\": \"affected\", \"version\": \"42.9\"}, {\"status\": \"affected\", \"version\": \"42.9.0.23494\"}, {\"status\": \"affected\", \"version\": \"43.1\"}, {\"status\": \"affected\", \"version\": \"43.1.0.24716\"}, {\"status\": \"affected\", \"version\": \"43.2\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25157\"}, {\"status\": \"affected\", \"version\": \"43.2.0.25211\"}, {\"status\": \"affected\", \"version\": \"43.3\"}, {\"status\": \"affected\", \"version\": \"43.3.0.25468\"}, {\"status\": \"affected\", \"version\": \"43.4\"}, {\"status\": \"affected\", \"version\": \"43.4.0.25788\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-18T13:15:14.500Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-20395\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"cisco\", \"dateReserved\": \"2023-11-08T15:08:07.659Z\", \"datePublished\": \"2024-07-17T16:32:07.102Z\", \"dateUpdated\": \"2024-07-18T13:23:45.549Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…