漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
Vulnerability Description
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco?Webex Meetings 访问控制错误漏洞
Vulnerability Description
Cisco?Webex Meeting Center是美国思科(Cisco)公司的一套在线协作视频会议解决方案。 Cisco?Webex Meetings 存在安全漏洞,该漏洞源于对更新分发列表的请求授权执行不足。攻击者可利用该漏洞修改属于用户而不是自己的分布列表。
CVSS Information
N/A
Vulnerability Type
N/A