CVE-2021-1517

MEDIUM

Cisco Webex Meetings - Auth Bypass

Title source: llm

Description

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker could exploit this vulnerability by sharing a file through the multimedia viewer feature. A successful exploit could allow the attacker to bypass security protections and prevent warning dialogs from appearing before files are offered to other users.

References (1)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO

Scores

CVSS v3 5.0

EPSS 0.0018

EPSS Percentile 39.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Classification

CWE

CWE-693

Status published

Affected Products (12)

cisco/webex_meetings_online

cisco/webex_meetings_server < 3.0

cisco/webex_meetings_server

Timeline

Published Jun 04, 2021

Tracked Since Feb 18, 2026