Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.1910
Cisco Webex Meetings and Webex Meetings Server security update
3 June 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Webex Meetings
Cisco Webex Meetings Server
Publisher: Cisco Systems
Operating System: Cisco
Impact/Access: Provide Misleading Information -- Remote with User Interaction
Unauthorised Access -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-1525 CVE-2021-1517
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO
Comment: This bulletin contains two (2) Cisco Systems security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability
Priority: Medium
Advisory ID: cisco-sa-webex-redirect-XuZFU3PH
First Published: 2021 June 2 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvx80708 CSCvx82562
CVE Names: CVE-2021-1525
CWEs: CWE-601
Summary
o A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server
could allow an unauthenticated, remote attacker to redirect users to a
malicious file.
This vulnerability is due to improper validation of URL paths in the
application interface. An attacker could exploit this vulnerability by
persuading a user to follow a specially crafted URL that is designed to
cause Cisco Webex Meetings to include a remote file in the web UI. A
successful exploit could allow the attacker to cause the application to
offer a remote file to a user, which could allow the attacker to conduct
further phishing or spoofing attacks.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH
Affected Products
o Vulnerable Products
This vulnerability affects Cisco Webex Meetings, which is cloud based.
At the time of publication, this vulnerability also affected Cisco Webex
Meetings Server releases earlier than Release 3.0 MR4 and Release 4.0 MR4.
See the Details section in the bug ID(s) at the top of this advisory for
the most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
Cisco has addressed this vulnerability in Cisco Webex Meetings, which is
cloud based. No user action is required. Customers can determine the
current remediation status or software version by using the Help function
in the service GUI.
At the time of publication, Cisco Webex Meetings Server releases 3.0 MR4
and later and 4.0 MR4 and later contained the fix for this vulnerability.
See the Details section in the bug ID(s) at the top of this advisory for
the most complete and current information.
Customers who need additional information are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
any public announcements or malicious use of the vulnerability that is
described in this advisory.
Source
o Cisco would like to thank Alexandros Zacharis of ENISA for reporting this
vulnerability.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-redirect-XuZFU3PH
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2021-JUN-02 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------------------------------------------------------------
Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security
Bypass Vulnerability
Priority: Medium
Advisory ID: cisco-sa-webex-multimedia-26DpqVRO
First Published: 2021 June 2 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCvx80691 CSCvx82557
CVE Names: CVE-2021-1517
CWEs: CWE-693
Summary
o A vulnerability in the multimedia viewer feature of Cisco Webex Meetings
and Cisco Webex Meetings Server could allow an authenticated, remote
attacker to bypass security protections.
This vulnerability is due to unsafe handling of shared content within the
multimedia viewer feature. An attacker could exploit this vulnerability by
sharing a file through the multimedia viewer feature. A successful exploit
could allow the attacker to bypass security protections and prevent warning
dialogs from appearing before files are offered to other users.
Cisco has released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO
Affected Products
o Vulnerable Products
This vulnerability affects Cisco Webex Meetings, which is cloud based.
At the time of publication, this vulnerability also affected Cisco Webex
Meetings Server releases earlier than Release 3.0 MR4 and Release 4.0 MR4.
See the Details section in the bug ID(s) at the top of this advisory for
the most complete and current information.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products section of this advisory
are known to be affected by this vulnerability.
Workarounds
o There are no workarounds that address this vulnerability.
Fixed Software
o When considering software upgrades , customers are advised to regularly
consult the advisories for Cisco products, which are available from the
Cisco Security Advisories page , to determine exposure and a complete
upgrade solution.
In all cases, customers should ensure that the devices to be upgraded
contain sufficient memory and confirm that current hardware and software
configurations will continue to be supported properly by the new release.
If the information is not clear, customers are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Fixed Releases
Cisco has addressed this vulnerability in Cisco Webex Meetings, which is
cloud based. No user action is required. Customers can determine the
current remediation status or software version by using the Help function
in the service GUI.
At the time of publication, Cisco Webex Meetings Server releases 3.0 MR4
and 4.0 MR4 contained the fix for this vulnerability.
See the Details section in the bug ID(s) at the top of this advisory for
the most complete and current information.
Customers who need additional information are advised to contact the Cisco
Technical Assistance Center (TAC) or their contracted maintenance
providers.
Exploitation and Public Announcements
o The Cisco Product Security Incident Response Team (PSIRT) is not aware of
any public announcements or malicious use of the vulnerability that is
described in this advisory.
Source
o Cisco would like to thank Alexandros Zacharis of ENISA for reporting this
vulnerability.
Cisco Security Vulnerability Policy
o To learn about Cisco security vulnerability disclosure policies and
publications, see the Security Vulnerability Policy . This document also
contains instructions for obtaining fixed software and receiving security
vulnerability information from Cisco.
URL
o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO
Revision History
o +----------+---------------------------+----------+--------+--------------+
| Version | Description | Section | Status | Date |
+----------+---------------------------+----------+--------+--------------+
| 1.0 | Initial public release. | - | Final | 2021-JUN-02 |
+----------+---------------------------+----------+--------+--------------+
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYLghHONLKJtyKPYoAQhC4A//WwBskvfqQoUW06+BEmOuTMppGQrGYakg
Iq0UQtEbYLw9VnrW5fx1JkOKX5Dm++ZSlsFa7ZwaO8dzWHDgoNdytnQAsJx5LcEK
g1qv0xpSwk2Zsnm1F7Q46N8fXAAlFpxeSi2UBpsVN80/ADJTDdqg/SftSfA9f6qw
lF1DECeIchLUeYdmCNfkQ47oT/h8Cp56UBpEUcILv3L61aokyxcf+NmiKZBgG5qj
VoR/efis7j6UNFkxWKUziTvowQBaGbjzGkgX+nD5//DzQDdE27S/QtFR3R2qIET1
xjXXe57YY2Bf+COkA9Zv5aaDK5cFQbnDGaZ3xlGMOsYOhjswvH1iN9UvyCxHb149
mn3Xgy5y2617/5YrgRB4ASB9Jg9vJJBI95nfpoCcoWvHkHRZoerb0v2UXTVmvQuB
A02xNUYtszII4TLl0gzwvG8Djf4nBNXtjv4ygRSnqsYWnUyy4CUBPbiQlbUxfFkN
dQpHUwSB2kGS4GpDZV7y4+xHgbaVJM3TL7T1jEwX0y40uzfP6bEeiZLNbrGYSMTe
0GHOk57EgftUk5f2SmHYAPYOkdcCtYeGaeSN71ZpK1qxur5U5Pw4PlXEBz4n8Hoj
0ClSopznpdsaSNgqnItjToK7oWxXQpz2xePW6XpzUqXYJnQXaGyb16DEQCiTZGDy
p8k7PYGz/es=
=UdoI
-----END PGP SIGNATURE-----