Sign-up

ID

VAR-201810-0300


CVE

CVE-2018-0422


TITLE

Windows for Cisco Webex Meetings Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-014367

DESCRIPTION

A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user's own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur. Windows for Cisco Webex Meetings Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Cisco WebEx Network Recording Player. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists in the access control that the product installer sets on the product's binaries. This allows any local user to replace the product's binaries with malicious replacements. An attacker can leverage this vulnerability to escalate privileges to the level of some other user of the system, such as an administrator. Cisco Webex Meetings Client is prone to a local privilege-escalation vulnerability. This issue is being tracked by Cisco bug IDs CSCvh89155, CSCvh89157 and CSCvh89158. Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions of Cisco (Cisco). Webex Meetings client for Windows is a Windows-based video conferencing client software. The following products are affected: Cisco Webex Meetings Suite (WBS31); Cisco Webex Meetings Suite (WBS32); Cisco Webex Meetings Suite (WBS33); Cisco Webex Meetings; Cisco Webex Meetings Server

Trust: 2.61

sources: NVD: CVE-2018-0422 // JVNDB: JVNDB-2018-014367 // ZDI: ZDI-18-998 // BID: 105281 // VULHUB: VHN-118624

AFFECTED PRODUCTS

vendor:ciscomodel:webex meetings onlinescope:eqversion:t31.20.2

Trust: 1.0

vendor:ciscomodel:webex meetings serverscope:lteversion:3.0

Trust: 1.0

vendor:ciscomodel:webex business suite 32scope:ltversion:32.15.20

Trust: 1.0

vendor:ciscomodel:webex business suite 31scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:t31.20

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:ltversion:1.3.37

Trust: 1.0

vendor:ciscomodel:webex business suite 33scope:ltversion:33.4

Trust: 1.0

vendor:ciscomodel:webex meetings serverscope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:webex meetings suitescope:eqversion:0

Trust: 0.9

vendor:ciscomodel:webex business suite 31scope: - version: -

Trust: 0.8

vendor:ciscomodel:webex business suite 32scope: - version: -

Trust: 0.8

vendor:ciscomodel:webex business suite 33scope: - version: -

Trust: 0.8

vendor:ciscomodel:webex meetings onlinescope: - version: -

Trust: 0.8

vendor:ciscomodel:webex meetings serverscope: - version: -

Trust: 0.8

vendor:ciscomodel:webexscope: - version: -

Trust: 0.7

vendor:ciscomodel:webex meetings serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings online t31.20.2scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings online t31.20scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetingsscope:eqversion:0

Trust: 0.3

sources: ZDI: ZDI-18-998 // BID: 105281 // JVNDB: JVNDB-2018-014367 // NVD: CVE-2018-0422

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0422
value: HIGH

Trust: 1.0

NVD: CVE-2018-0422
value: HIGH

Trust: 0.8

ZDI: CVE-2018-0422
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201809-255
value: HIGH

Trust: 0.6

VULHUB: VHN-118624
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0422
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

VULHUB: VHN-118624
severity: MEDIUM
baseScore: 6.9
vectorString: AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0422
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.3
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-18-998 // VULHUB: VHN-118624 // JVNDB: JVNDB-2018-014367 // CNNVD: CNNVD-201809-255 // NVD: CVE-2018-0422

PROBLEMTYPE DATA

problemtype:CWE-732

Trust: 1.1

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-118624 // JVNDB: JVNDB-2018-014367 // NVD: CVE-2018-0422

THREAT TYPE

local

Trust: 0.9

sources: BID: 105281 // CNNVD: CNNVD-201809-255

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201809-255

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014367

PATCH
title:cisco-sa-20180905-webex-peurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe
Trust: 1.5
title:Cisco Webex Meetings client for Windows Fixes for permission permissions and access control vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84586
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-998 // 
            
            
            
            JVNDB: JVNDB-2018-014367 // 
            
            
            
            CNNVD: CNNVD-201809-255

EXTERNAL IDS
db:NVDid:CVE-2018-0422
Trust: 3.5
db:BIDid:105281
Trust: 2.0
db:SECTRACKid:1041681
Trust: 1.7
db:JVNDBid:JVNDB-2018-014367
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-5623
Trust: 0.7
db:ZDIid:ZDI-18-998
Trust: 0.7
db:CNNVDid:CNNVD-201809-255
Trust: 0.7
db:VULHUBid:VHN-118624
Trust: 0.1
sources:
            
            
            ZDI: ZDI-18-998 // 
            
            
            
            VULHUB: VHN-118624 // 
            
            
            
            BID: 105281 // 
            
            
            
            JVNDB: JVNDB-2018-014367 // 
            
            
            
            CNNVD: CNNVD-201809-255 // 
            
            
            
            NVD: CVE-2018-0422

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180905-webex-pe
Trust: 3.4
url:http://www.securityfocus.com/bid/105281
Trust: 1.7
url:http://www.securitytracker.com/id/1041681
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0422
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0422
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-18-998 // 
            
            
            
            VULHUB: VHN-118624 // 
            
            
            
            BID: 105281 // 
            
            
            
            JVNDB: JVNDB-2018-014367 // 
            
            
            
            CNNVD: CNNVD-201809-255 // 
            
            
            
            NVD: CVE-2018-0422

CREDITS
Simon Zuckerbraun of Trend Micro Zero Day Initiative
Trust: 0.7
sources:
            
            
            ZDI: ZDI-18-998

SOURCES
db:ZDIid:ZDI-18-998
db:VULHUBid:VHN-118624
db:BIDid:105281
db:JVNDBid:JVNDB-2018-014367
db:CNNVDid:CNNVD-201809-255
db:NVDid:CVE-2018-0422

LAST UPDATE DATE
2024-11-23T22:21:55.278000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-998date:2018-09-06T00:00:00
db:VULHUBid:VHN-118624date:2019-10-03T00:00:00
db:BIDid:105281date:2018-09-05T00:00:00
db:JVNDBid:JVNDB-2018-014367date:2019-03-19T00:00:00
db:CNNVDid:CNNVD-201809-255date:2019-10-23T00:00:00
db:NVDid:CVE-2018-0422date:2024-11-21T03:38:11.760

SOURCES RELEASE DATE
db:ZDIid:ZDI-18-998date:2018-09-06T00:00:00
db:VULHUBid:VHN-118624date:2018-10-05T00:00:00
db:BIDid:105281date:2018-09-05T00:00:00
db:JVNDBid:JVNDB-2018-014367date:2019-03-19T00:00:00
db:CNNVDid:CNNVD-201809-255date:2018-09-06T00:00:00
db:NVDid:CVE-2018-0422date:2018-10-05T14:29:00.730