CVE-2021-1517

MEDIUM

Cisco Webex Meetings and Webex Meetings Server - Security Protection Bypass via Multimedia Viewer Feature

Title source: llm

Description

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker could exploit this vulnerability by sharing a file through the multimedia viewer feature. A successful exploit could allow the attacker to bypass security protections and prevent warning dialogs from appearing before files are offered to other users.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-multimedia-26DpqVRO

Scores

CVSS v3 5.0

EPSS 0.0018

EPSS Percentile 39.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-693

Status published

Products (4)

cisco/webex_meetings_online 41.3.5

cisco/webex_meetings_server 3.0 (4 CPE variants)

cisco/webex_meetings_server 4.0 (6 CPE variants)

cisco/webex_meetings_server < 3.0

Published Jun 04, 2021

Tracked Since Feb 18, 2026