A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition.

An attacker could exploit this vulnerability by providing a user with a malicious WRF file via email or URL and convincing the user to open the file.

A successful exploit could cause an affected player to crash, resulting in a DoS condition.

Cisco WebEx players are applications that are used to play back WebEx meeting recordings that have been recorded by an online meeting attendee.

The player can be automatically installed when the user accesses a recording file that is hosted on a WebEx server.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex1

Security Impact Rating: Medium

CVE: CVE-2017-12360

Leave a Reply