A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization enforcement for the creation of scheduled meeting templates. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to create a scheduled meeting template. A successful exploit could allow the attacker to create a scheduled meeting template that would belong to a user other than themselves.
History

Wed, 13 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-08-17T18:01:20.976499Z

Updated: 2024-11-13T18:14:30.308Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3412

cve-icon Vulnrichment

Updated: 2024-08-04T07:30:58.384Z

cve-icon NVD

Status : Modified

Published: 2020-08-17T18:15:12.760

Modified: 2024-11-21T05:30:58.883

Link: CVE-2020-3412

cve-icon Redhat

No data.