Vulnerability-Lookup

CNVD-2018-21328

Vulnerability from cnvd - Published: 2018-10-18

Title

Cisco Webex Network Recording Player和Webex Player任意代码执行漏洞

Description

Cisco Webex Network Recording Player和Webex Player都是美国思科（Cisco）公司的用于播放视频会议记录的播放器。基于Windows平台的Cisco Webex Network Recording Player和Webex Player中存在安全漏洞，该漏洞源于软件对Advanced Recording Format (ARF)和Webex Recording Format (WRF)文件验证不当。攻击者可利用该漏洞在受影响的系统上执行任意代码。

Severity

高

Patch Name

Cisco Webex Network Recording Player和Webex Player任意代码执行漏洞的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce

Impacted products

Name
['Cisco WebEx Player', 'Cisco WebEx Network Recording Player']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "105520"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-15431"
    }
  },
  "description": "Cisco Webex Network Recording Player\u548cWebex Player\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u7528\u4e8e\u64ad\u653e\u89c6\u9891\u4f1a\u8bae\u8bb0\u5f55\u7684\u64ad\u653e\u5668\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Cisco Webex Network Recording Player\u548cWebex Player\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f6f\u4ef6\u5bf9Advanced Recording Format (ARF)\u548cWebex Recording Format (WRF)\u6587\u4ef6\u9a8c\u8bc1\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-21328",
  "openTime": "2018-10-18",
  "patchDescription": "Cisco Webex Network Recording Player\u548cWebex Player\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u7528\u4e8e\u64ad\u653e\u89c6\u9891\u4f1a\u8bae\u8bb0\u5f55\u7684\u64ad\u653e\u5668\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Cisco Webex Network Recording Player\u548cWebex Player\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8f6f\u4ef6\u5bf9Advanced Recording Format (ARF)\u548cWebex Recording Format (WRF)\u6587\u4ef6\u9a8c\u8bc1\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Webex Network Recording Player\u548cWebex Player\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco WebEx Player",
      "Cisco WebEx Network Recording Player"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce",
  "serverity": "\u9ad8",
  "submitTime": "2018-10-09",
  "title": "Cisco Webex Network Recording Player\u548cWebex Player\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2018-15431 (GCVE-0-2018-15431)

Vulnerability from cvelistv5 – Published: 2018-10-05 14:00 – Updated: 2024-11-26 14:27

Title

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

Summary

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.

Severity ?

No CVSS data available.

CWE

CWE-20

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1041795	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/105520	vdb-entryx_refsource_BID
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco WebEx WRF Player	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041795",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041795"
          },
          {
            "name": "105520",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105520"
          },
          {
            "name": "20181003 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:50:42.745611Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:27:13.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco WebEx WRF Player",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041795",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041795"
        },
        {
          "name": "105520",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105520"
        },
        {
          "name": "20181003 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-webex-rce",
        "defect": [
          [
            "CSCvj83752",
            "CSCvj83767",
            "CSCvj83771",
            "CSCvj83793",
            "CSCvj83797",
            "CSCvj83803",
            "CSCvj83818",
            "CSCvj83824",
            "CSCvj83831",
            "CSCvj87929",
            "CSCvj87934",
            "CSCvj93870",
            "CSCvj93877",
            "CSCvk31089",
            "CSCvk33049",
            "CSCvk52510",
            "CSCvk52518",
            "CSCvk52521",
            "CSCvk59945",
            "CSCvk59949",
            "CSCvk59950",
            "CSCvk60158",
            "CSCvk60163",
            "CSCvm51315",
            "CSCvm51318",
            "CSCvm51361",
            "CSCvm51371",
            "CSCvm51373",
            "CSCvm51374",
            "CSCvm51382",
            "CSCvm51386",
            "CSCvm51391",
            "CSCvm51393",
            "CSCvm51396",
            "CSCvm51398",
            "CSCvm51412",
            "CSCvm51413",
            "CSCvm54531",
            "CSCvm54538"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15431",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco WebEx WRF Player",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041795",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041795"
            },
            {
              "name": "105520",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105520"
            },
            {
              "name": "20181003 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-webex-rce",
          "defect": [
            [
              "CSCvj83752",
              "CSCvj83767",
              "CSCvj83771",
              "CSCvj83793",
              "CSCvj83797",
              "CSCvj83803",
              "CSCvj83818",
              "CSCvj83824",
              "CSCvj83831",
              "CSCvj87929",
              "CSCvj87934",
              "CSCvj93870",
              "CSCvj93877",
              "CSCvk31089",
              "CSCvk33049",
              "CSCvk52510",
              "CSCvk52518",
              "CSCvk52521",
              "CSCvk59945",
              "CSCvk59949",
              "CSCvk59950",
              "CSCvk60158",
              "CSCvk60163",
              "CSCvm51315",
              "CSCvm51318",
              "CSCvm51361",
              "CSCvm51371",
              "CSCvm51373",
              "CSCvm51374",
              "CSCvm51382",
              "CSCvm51386",
              "CSCvm51391",
              "CSCvm51393",
              "CSCvm51396",
              "CSCvm51398",
              "CSCvm51412",
              "CSCvm51413",
              "CSCvm54531",
              "CSCvm54538"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15431",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:27:13.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-21328

CVE-2018-15431 (GCVE-0-2018-15431)

Tags

Sightings

Nomenclature