CVE-2017-12367

CRITICAL

Cisco WebEx Network Recording Player - DoS

Title source: llm
STIX 2.1

Description

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCve11545, CSCve02843, CSCve11548.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102017
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1039895

Scores

CVSS v3 9.6
EPSS 0.0283
EPSS Percentile 84.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Details

CWE
CWE-119 CWE-20
Status published
Products (4)
cisco/webex_meetings_server t29
cisco/webex_meetings_server t30
cisco/webex_meetings_server t31.11.2
n/a/Cisco WebEx Recording Format and Advanced Recording Format Players Cisco WebEx Recording Format and Advanced Recording Format Players
Published Nov 30, 2017
Tracked Since Feb 18, 2026