Cisco Webex Vulnerability Allows Ghost Access to Meetings

Source
Advertisement


Identified by IBM’s security researchers, the Webex flaws could allow attackers to join meetings as ghosts (without being seen by other participants), remain in the meeting as a ghost after being expelled, and access information on meeting attendees (names, email addresses and IP addresses).

Tracked as CVE-2020-3419, the first of the issues impacts both Webex Meetings and Webex Meetings Server and is the result of “improper handling of authentication tokens by a vulnerable Webex site.”

Advertisement