-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.1910
       Cisco Webex Meetings and Webex Meetings Server security update
                                 3 June 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Webex Meetings
                   Cisco Webex Meetings Server
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Provide Misleading Information -- Remote with User Interaction
                   Unauthorised Access            -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-1525 CVE-2021-1517
Original Bulletin:
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO

Comment: This bulletin contains two (2) Cisco Systems security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-webex-redirect-XuZFU3PH
First Published: 2021 June 2 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvx80708
                 CSCvx82562
CVE Names:       CVE-2021-1525
CWEs:            CWE-601

Summary

  o A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could
    allow an unauthenticated, remote attacker to redirect users to a malicious
    file.

    This vulnerability is due to improper validation of URL paths in the
    application interface. An attacker could exploit this vulnerability by
    persuading a user to follow a specially crafted URL that is designed to
    cause Cisco Webex Meetings to include a remote file in the web UI.
    A successful exploit could allow the attacker to cause the application to
    offer a remote file to a user, which could allow the attacker to conduct
    further phishing or spoofing attacks.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH

Affected Products

  o Vulnerable Products

    This vulnerability affects Cisco Webex Meetings, which is cloud based.

    At the time of publication, this vulnerability also affected Cisco Webex
    Meetings Server releases earlier than Release 3.0 MR4 and Release 4.0 MR4.

    See the Details section in the bug ID(s) at the top of this advisory for
    the most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability.

Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Fixed Releases

    Cisco has addressed this vulnerability in Cisco Webex Meetings, which is
    cloud based. No user action is required. Customers can determine the
    current remediation status or software version by using the Help function
    in the service GUI.
    At the time of publication, Cisco Webex Meetings Server releases 3.0 MR4
    and later and 4.0 MR4 and later contained the fix for this vulnerability.

    See the Details section in the bug ID(s) at the top of this advisory for
    the most complete and current information.

    Customers who need additional information are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o Cisco would like to thank Alexandros Zacharis of ENISA for reporting this
    vulnerability.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2021-JUN-02  |
    +----------+---------------------------+----------+--------+--------------+

- --------------------------------------------------------------------------------

Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability

Priority:        Medium
Advisory ID:     cisco-sa-webex-multimedia-26DpqVRO
First Published: 2021 June 2 16:00 GMT
Version 1.0:     Final
Workarounds:     No workarounds available
Cisco Bug IDs:   CSCvx80691
                 CSCvx82557
CVE Names:       CVE-2021-1517
CWEs:            CWE-693

Summary

  o A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and
    Cisco Webex Meetings Server could allow an authenticated, remote attacker to
    bypass security protections.

    This vulnerability is due to unsafe handling of shared content within the
    multimedia viewer feature. An attacker could exploit this vulnerability by
    sharing a file through the multimedia viewer feature. A successful exploit
    could allow the attacker to bypass security protections and prevent warning
    dialogs from appearing before files are offered to other users.

    Cisco has released software updates that address this vulnerability. There
    are no workarounds that address this vulnerability.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO

Affected Products

  o Vulnerable Products

    This vulnerability affects Cisco Webex Meetings, which is cloud based.

    At the time of publication, this vulnerability also affected Cisco Webex
    Meetings Server releases earlier than Release 3.0 MR4 and Release 4.0 MR4.

    See the Details section in the bug ID(s) at the top of this advisory for
    the most complete and current information.

    Products Confirmed Not Vulnerable

    Only products listed in the Vulnerable Products section of this advisory
    are known to be affected by this vulnerability.

Workarounds

  o There are no workarounds that address this vulnerability.
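The File Redirect advisory above (CVE-2021-1525, CWE-601) attributes the bug to improper validation of URL paths: a crafted URL makes the application include, and then offer, a remote file. The Python below is an added illustration of that bug class and of the check that closes it; it is not Cisco's code and does not reflect Webex's actual parameter names or path layout. The `file` query parameter, the origin `meetings.example.invalid` and the content root `/shared/files/` are assumptions chosen for the example. `unsafe_resolve` is the vulnerable pattern, where whatever the client supplied is used as the location of the file; `safe_resolve` accepts only a single-slash, same-origin path under the content root, decoded once and normalised, and rejects scheme-prefixed, protocol-relative, backslash and traversal forms.

```python
"""Added example (not Cisco/Webex code): validating a user-supplied URL path
before an application uses it to locate a file it will offer or redirect to.
CWE-601 arises when such a value is trusted as-is.  Names below are assumed:
the ``file`` parameter, the origin and the content root are constructed."""
import posixpath
from urllib.parse import unquote, urlsplit

APP_ORIGIN = "https://meetings.example.invalid"  # assumed application origin
CONTENT_ROOT = "/shared/files/"                  # assumed prefix for shared files


class RejectedURL(ValueError):
    """Raised when the value is not a same-origin path under CONTENT_ROOT."""


def unsafe_resolve(file_param: str) -> str:
    """Vulnerable pattern: the query value is used verbatim, so
    ``?file=https://attacker.invalid/x.pdf`` makes the app offer a remote file."""
    return file_param


def safe_resolve(file_param: str) -> str:
    """Hardened pattern: return an absolute same-origin URL or raise RejectedURL."""
    # Control characters and backslashes never belong in a path; browsers and
    # some parsers treat '\' like '/', which turns '/\evil' into '//evil'.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in file_param) or "\\" in file_param:
        raise RejectedURL("control character or backslash in path")

    parts = urlsplit(file_param)
    # Any scheme ('https:', 'javascript:') or authority ('//host') means the
    # value is not a path on this origin.
    if parts.scheme or parts.netloc:
        raise RejectedURL("absolute or protocol-relative URL")

    # Decode once, then collapse '.' and '..' segments before checking the
    # prefix, so '%2e%2e' and '/a/../..' cannot walk out of the content root.
    path = unquote(parts.path)
    if not path.startswith("/") or path.startswith("//"):
        raise RejectedURL("path must start with exactly one '/'")
    normalised = posixpath.normpath(path)
    if not normalised.startswith(CONTENT_ROOT):
        raise RejectedURL("path escapes the content root")

    # Query and fragment are deliberately dropped: the file is identified by path.
    return APP_ORIGIN + normalised


def is_allowed(file_param: str) -> bool:
    """Boolean wrapper for quick checks."""
    try:
        safe_resolve(file_param)
        return True
    except RejectedURL:
        return False


if __name__ == "__main__":
    # Constructed probes: the first two are legitimate, the rest are the
    # crafted forms a redirect/inclusion bug is typically exploited with.
    for probe in ["/shared/files/agenda.pdf",
                  "/shared/files/./q2/../report.pdf",
                  "https://attacker.invalid/x.pdf",
                  "//attacker.invalid/x.pdf",
                  "/\\attacker.invalid/x.pdf",
                  "/shared/files/%2e%2e/%2e%2e/etc/passwd",
                  "javascript:alert(1)"]:
        print(f"{probe!r:45} unsafe={unsafe_resolve(probe)!r:45} allowed={is_allowed(probe)}")
```

The validator decodes exactly once; if the layer that finally opens the file decodes again, double-encoded segments such as `%252e%252e` would survive this check, so the decode count has to match the consumer. Where a deployment legitimately needs to reference other hosts, the same shape applies with an explicit allow-list of hostnames compared against `parts.netloc` rather than a blanket rejection.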
Fixed Software

  o When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories page, to determine exposure and a complete
    upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the
    Cisco Technical Assistance Center (TAC) or their contracted maintenance
    providers.

    Fixed Releases

    Cisco has addressed this vulnerability in Cisco Webex Meetings, which is
    cloud based. No user action is required. Customers can determine the
    current remediation status or software version by using the Help function
    in the service GUI.

    At the time of publication, Cisco Webex Meetings Server releases 3.0 MR4
    and later and 4.0 MR4 and later contained the fix for this vulnerability.

    See the Details section in the bug ID(s) at the top of this advisory for
    the most complete and current information.

    Customers who need additional information are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance providers.

Exploitation and Public Announcements

  o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any public announcements or malicious use of the vulnerability that is
    described in this advisory.

Source

  o Cisco would like to thank Alexandros Zacharis of ENISA for reporting this
    vulnerability.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.
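Both advisories name the same fixed releases for Cisco Webex Meetings Server: 3.0 MR4 and later in the 3.x train and 4.0 MR4 and later in the 4.x train, with everything earlier affected. Once the release string has been read from the Help function in the service GUI, the Python below, an added helper and not a Cisco tool, parses strings of the assumed form `<major>.<minor> MR<n> [Patch <n>]` and reports which hosts in a constructed inventory still need the upgrade. The thresholds come from the two advisories; the release-string shape, the hostnames and the inventory are assumptions. A release from a train the advisories do not mention (for example 2.x) is reported as not covered rather than guessed at.

```python
"""Added helper (not a Cisco tool): classify Cisco Webex Meetings Server (CWMS)
release strings against the fixed releases named in
cisco-sa-webex-redirect-XuZFU3PH and cisco-sa-webex-multimedia-26DpqVRO.
The release-string format assumed here is '<major>.<minor>[ MR<n>][ Patch <n>]'."""
import re
from typing import Dict, List, Optional, Tuple

# Fixed releases per train (major -> (minor, MR)); earlier releases are affected.
FIXED_RELEASES: Dict[int, Tuple[int, int]] = {3: (0, 4), 4: (0, 4)}

_RELEASE_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\s*MR\s*(\d+))?(?:\s*Patch\s*(\d+))?\s*$", re.IGNORECASE)


def parse_release(text: str) -> Tuple[int, int, int, int]:
    """Return (major, minor, mr, patch); an absent MR or Patch counts as 0."""
    match = _RELEASE_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised CWMS release string: {text!r}")
    major, minor, mr, patch = [int(g) if g else 0 for g in match.groups()]
    return major, minor, mr, patch


def is_fixed(text: str) -> Optional[bool]:
    """True if the release contains the fix, False if it is affected, None if
    the release train is not covered by these advisories (e.g. 2.x)."""
    major, minor, mr, _patch = parse_release(text)
    threshold = FIXED_RELEASES.get(major)
    if threshold is None:
        return None
    # Patch level is irrelevant: 3.0 MR3 Patch 9 is still older than 3.0 MR4.
    return (minor, mr) >= threshold


def hosts_needing_upgrade(inventory: List[Tuple[str, str]]) -> List[str]:
    """Hostnames whose release is affected.  Unparseable or uncovered releases
    are returned too, tagged, so they get a human look rather than silence."""
    needs: List[str] = []
    for host, release in inventory:
        try:
            verdict = is_fixed(release)
        except ValueError:
            needs.append(f"{host} (unparseable: {release!r})")
            continue
        if verdict is False:
            needs.append(host)
        elif verdict is None:
            needs.append(f"{host} (train not covered: {release!r})")
    return needs


# Constructed inventory for the demonstration; hostnames and releases are made up.
SAMPLE_INVENTORY = [
    ("cwms-syd-01", "3.0 MR3 Patch 2"),
    ("cwms-syd-02", "3.0 MR4"),
    ("cwms-mel-01", "4.0 MR4 Patch 1"),
    ("cwms-lab-01", "4.0 MR2"),
    ("cwms-old-01", "2.8 MR3"),
]

if __name__ == "__main__":
    for line in hosts_needing_upgrade(SAMPLE_INVENTORY):
        print("upgrade:", line)
```

Comparison is per train on purpose: 3.0 MR5 is "earlier than 4.0 MR4" in a naive global ordering but is fixed according to the advisories, so the check only compares a host against the threshold of its own major version.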
URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO

Revision History

  o +----------+---------------------------+----------+--------+--------------+
    | Version  | Description               | Section  | Status | Date         |
    +----------+---------------------------+----------+--------+--------------+
    | 1.0      | Initial public release.   | -        | Final  | 2021-JUN-02  |
    +----------+---------------------------+----------+--------+--------------+

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.
If you have any questions or need further information, please contact them
directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYLghHONLKJtyKPYoAQhC4A//WwBskvfqQoUW06+BEmOuTMppGQrGYakg
Iq0UQtEbYLw9VnrW5fx1JkOKX5Dm++ZSlsFa7ZwaO8dzWHDgoNdytnQAsJx5LcEK
g1qv0xpSwk2Zsnm1F7Q46N8fXAAlFpxeSi2UBpsVN80/ADJTDdqg/SftSfA9f6qw
lF1DECeIchLUeYdmCNfkQ47oT/h8Cp56UBpEUcILv3L61aokyxcf+NmiKZBgG5qj
VoR/efis7j6UNFkxWKUziTvowQBaGbjzGkgX+nD5//DzQDdE27S/QtFR3R2qIET1
xjXXe57YY2Bf+COkA9Zv5aaDK5cFQbnDGaZ3xlGMOsYOhjswvH1iN9UvyCxHb149
mn3Xgy5y2617/5YrgRB4ASB9Jg9vJJBI95nfpoCcoWvHkHRZoerb0v2UXTVmvQuB
A02xNUYtszII4TLl0gzwvG8Djf4nBNXtjv4ygRSnqsYWnUyy4CUBPbiQlbUxfFkN
dQpHUwSB2kGS4GpDZV7y4+xHgbaVJM3TL7T1jEwX0y40uzfP6bEeiZLNbrGYSMTe
0GHOk57EgftUk5f2SmHYAPYOkdcCtYeGaeSN71ZpK1qxur5U5Pw4PlXEBz4n8Hoj
0ClSopznpdsaSNgqnItjToK7oWxXQpz2xePW6XpzUqXYJnQXaGyb16DEQCiTZGDy
p8k7PYGz/es=
=UdoI
-----END PGP SIGNATURE-----