Sign-up

ID

VAR-201901-0364


CVE

CVE-2019-1638


TITLE

Cisco Webex Network Recording Player and Cisco Webex Player Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001449

DESCRIPTION

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. Crafted data in an ARF file can trigger a write past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and so on are the video conferencing solutions of Cisco (Cisco). The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server

Trust: 2.61

sources: NVD: CVE-2019-1638 // JVNDB: JVNDB-2019-001449 // ZDI: ZDI-19-128 // BID: 106704 // VULHUB: VHN-148520

AFFECTED PRODUCTS

vendor:ciscomodel:webex meetings serverscope:eqversion:t31

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:1.3.39

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:1.3.33

Trust: 1.0

vendor:ciscomodel:webex meetings serverscope:eqversion:3.0mr2

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:t33.3.5

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:t33.5.1

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope:eqversion:t32.9

Trust: 1.0

vendor:ciscomodel:webex meetings onlinescope: - version: -

Trust: 0.8

vendor:ciscomodel:webex meetings serverscope: - version: -

Trust: 0.8

vendor:ciscomodel:webexscope: - version: -

Trust: 0.7

vendor:ciscomodel:webex playerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex network recording playerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings server 3.0mr2 patchscope:eqversion:1

Trust: 0.3

vendor:ciscomodel:webex meetings server 3.0mr2scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings server 3.0mr1scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings server patchscope:eqversion:3.01

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:webex meetings server mr2scope:eqversion:2.8

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.8

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings onlinescope:eqversion:1.3.37

Trust: 0.3

vendor:ciscomodel:webex meetings onlinescope:eqversion:1.3.35

Trust: 0.3

vendor:ciscomodel:webex meetings onlinescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex business suite wbs33.4scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex business suite wbs33scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex business suite wbs32.15.20scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex business suite wbs32scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings server mr2 sp2scope:neversion:3.0

Trust: 0.3

vendor:ciscomodel:webex meetings server mr3 sp1scope:neversion:2.8

Trust: 0.3

vendor:ciscomodel:webex meetings onlinescope:neversion:1.3.40

Trust: 0.3

vendor:ciscomodel:webex business suite wbs33.7.0scope:neversion: -

Trust: 0.3

vendor:ciscomodel:webex business suite wbs33.6.1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:webex business suite wbs32.15.33scope:neversion: -

Trust: 0.3

sources: ZDI: ZDI-19-128 // BID: 106704 // JVNDB: JVNDB-2019-001449 // NVD: CVE-2019-1638

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1638
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1638
value: HIGH

Trust: 1.0

NVD: CVE-2019-1638
value: HIGH

Trust: 0.8

ZDI: CVE-2019-1638
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201901-852
value: HIGH

Trust: 0.6

VULHUB: VHN-148520
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-1638
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-148520
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1638
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.8

ZDI: CVE-2019-1638
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-19-128 // VULHUB: VHN-148520 // JVNDB: JVNDB-2019-001449 // CNNVD: CNNVD-201901-852 // NVD: CVE-2019-1638 // NVD: CVE-2019-1638

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-148520 // JVNDB: JVNDB-2019-001449 // NVD: CVE-2019-1638

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201901-852

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201901-852

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001449

PATCH
title:cisco-sa-20190123-webex-rceurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce
Trust: 1.5
title:Cisco Webex Network Recording Player  and Webex Player for Windows Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88933
Trust: 0.6
sources:
            
            
            ZDI: ZDI-19-128 // 
            
            
            
            JVNDB: JVNDB-2019-001449 // 
            
            
            
            CNNVD: CNNVD-201901-852

EXTERNAL IDS
db:NVDid:CVE-2019-1638
Trust: 3.5
db:BIDid:106704
Trust: 2.0
db:JVNDBid:JVNDB-2019-001449
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-7043
Trust: 0.7
db:ZDIid:ZDI-19-128
Trust: 0.7
db:CNNVDid:CNNVD-201901-852
Trust: 0.7
db:VULHUBid:VHN-148520
Trust: 0.1
sources:
            
            
            ZDI: ZDI-19-128 // 
            
            
            
            VULHUB: VHN-148520 // 
            
            
            
            BID: 106704 // 
            
            
            
            JVNDB: JVNDB-2019-001449 // 
            
            
            
            CNNVD: CNNVD-201901-852 // 
            
            
            
            NVD: CVE-2019-1638

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce
Trust: 2.7
url:http://www.securityfocus.com/bid/106704
Trust: 2.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1638
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-1638
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-19-128 // 
            
            
            
            VULHUB: VHN-148520 // 
            
            
            
            BID: 106704 // 
            
            
            
            JVNDB: JVNDB-2019-001449 // 
            
            
            
            CNNVD: CNNVD-201901-852 // 
            
            
            
            NVD: CVE-2019-1638

CREDITS
b0nd @garage4hackers
Trust: 0.7
sources:
            
            
            ZDI: ZDI-19-128

SOURCES
db:ZDIid:ZDI-19-128
db:VULHUBid:VHN-148520
db:BIDid:106704
db:JVNDBid:JVNDB-2019-001449
db:CNNVDid:CNNVD-201901-852
db:NVDid:CVE-2019-1638

LAST UPDATE DATE
2024-11-23T22:26:04.864000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-19-128date:2019-01-25T00:00:00
db:VULHUBid:VHN-148520date:2019-10-09T00:00:00
db:BIDid:106704date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001449date:2019-03-06T00:00:00
db:CNNVDid:CNNVD-201901-852date:2019-10-17T00:00:00
db:NVDid:CVE-2019-1638date:2024-11-21T04:36:59.170

SOURCES RELEASE DATE
db:ZDIid:ZDI-19-128date:2019-01-25T00:00:00
db:VULHUBid:VHN-148520date:2019-01-23T00:00:00
db:BIDid:106704date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2019-001449date:2019-03-06T00:00:00
db:CNNVDid:CNNVD-201901-852date:2019-01-24T00:00:00
db:NVDid:CVE-2019-1638date:2019-01-23T23:29:00.277