CVE-2024-20395 - Vulnerability Details

A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Cisco	Webex Teams

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-07-17T16:32:07.102Z

Updated: 2024-08-01T21:59:42.341Z

Reserved: 2023-11-08T15:08:07.659Z

Link: CVE-2024-20395

Vulnrichment

Updated: 2024-07-18T13:15:14.500Z

NVD

Status : Awaiting Analysis

Published: 2024-07-17T17:15:12.833

Modified: 2024-11-21T08:52:32.550

Link: CVE-2024-20395

Redhat

No data.

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20395", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.659Z", "datePublished": "2024-07-17T16:32:07.102Z", "dateUpdated": "2024-08-01T21:59:42.341Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-07-17T16:32:07.102Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Teams", "versions": [{"version": "3.0.13464.0", "status": "affected"}, {"version": "3.0.13538.0", "status": "affected"}, {"version": "3.0.13588.0", "status": "affected"}, {"version": "3.0.14154.0", "status": "affected"}, {"version": "3.0.14234.0", "status": "affected"}, {"version": "3.0.14375.0", "status": "affected"}, {"version": "3.0.14741.0", "status": "affected"}, {"version": "3.0.14866.0", "status": "affected"}, {"version": "3.0.15015.0", "status": "affected"}, {"version": "3.0.15036.0", "status": "affected"}, {"version": "3.0.15092.0", "status": "affected"}, {"version": "3.0.15131.0", "status": "affected"}, {"version": "3.0.15164.0", "status": "affected"}, {"version": "3.0.15221.0", "status": "affected"}, {"version": "3.0.15333.0", "status": "affected"}, {"version": "3.0.15410.0", "status": "affected"}, {"version": "3.0.15485.0", "status": "affected"}, {"version": "3.0.15645.0", "status": "affected"}, {"version": "3.0.15711.0", "status": "affected"}, {"version": "3.0.16040.0", "status": "affected"}, {"version": "3.0.16269.0", "status": "affected"}, {"version": "3.0.16273.0", "status": "affected"}, {"version": "3.0.16285.0", "status": "affected"}, {"version": "4.0", "status": "affected"}, {"version": "4.1", "status": "affected"}, {"version": "4.10", "status": "affected"}, {"version": "4.12", "status": "affected"}, {"version": "4.13", "status": "affected"}, {"version": "4.14", "status": "affected"}, {"version": "4.15", "status": "affected"}, {"version": "4.16", "status": "affected"}, {"version": "4.17", "status": "affected"}, {"version": "4.18", "status": "affected"}, {"version": "4.19", "status": "affected"}, {"version": "4.2", "status": "affected"}, {"version": "4.20", "status": "affected"}, {"version": "4.3", "status": "affected"}, {"version": "4.4", "status": "affected"}, {"version": "4.5", "status": "affected"}, {"version": "4.6", "status": "affected"}, {"version": "4.8", "status": "affected"}, {"version": "4.9", "status": "affected"}, {"version": "4.1.57", "status": "affected"}, {"version": "4.1.92", "status": "affected"}, {"version": "4.10.343", "status": "affected"}, {"version": "4.11.211", "status": "affected"}, {"version": "4.12.236", "status": "affected"}, {"version": "4.13.200", "status": "affected"}, {"version": "4.2.42", "status": "affected"}, {"version": "4.2.75", "status": "affected"}, {"version": "4.5.224", "status": "affected"}, {"version": "4.6.197", "status": "affected"}, {"version": "4.7.78", "status": "affected"}, {"version": "4.8.170", "status": "affected"}, {"version": "4.9.205", "status": "affected"}, {"version": "4.9.252", "status": "affected"}, {"version": "4.9.269", "status": "affected"}, {"version": "42.1.0.169", "status": "affected"}, {"version": "42.1.0.21190", "status": "affected"}, {"version": "42.1.0.2219", "status": "affected"}, {"version": "42.10", "status": "affected"}, {"version": "42.10.0.23814", "status": "affected"}, {"version": "42.10.0.24000", "status": "affected"}, {"version": "42.11", "status": "affected"}, {"version": "42.11.0.24187", "status": "affected"}, {"version": "42.12", "status": "affected"}, {"version": "42.12.0.24485", "status": "affected"}, {"version": "42.2", "status": "affected"}, {"version": "42.2.0.21338", "status": "affected"}, {"version": "42.2.0.21486", "status": "affected"}, {"version": "42.3", "status": "affected"}, {"version": "42.3.0.21576", "status": "affected"}, {"version": "42.4.1.22032", "status": "affected"}, {"version": "42.5.0.22259", "status": "affected"}, {"version": "42.6", "status": "affected"}, {"version": "42.6.0.22565", "status": "affected"}, {"version": "42.6.0.22645", "status": "affected"}, {"version": "42.7", "status": "affected"}, {"version": "42.7.0.22904", "status": "affected"}, {"version": "42.7.0.23054", "status": "affected"}, {"version": "42.8", "status": "affected"}, {"version": "42.8.0.23214", "status": "affected"}, {"version": "42.8.0.23281", "status": "affected"}, {"version": "42.9", "status": "affected"}, {"version": "42.9.0.23494", "status": "affected"}, {"version": "43.1", "status": "affected"}, {"version": "43.1.0.24716", "status": "affected"}, {"version": "43.2", "status": "affected"}, {"version": "43.2.0.25157", "status": "affected"}, {"version": "43.2.0.25211", "status": "affected"}, {"version": "43.3", "status": "affected"}, {"version": "43.3.0.25468", "status": "affected"}, {"version": "43.4", "status": "affected"}, {"version": "43.4.0.25788", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unprotected Transport of Credentials", "type": "cwe", "cweId": "CWE-523"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-webex-app-ZjNm8X8j", "discovery": "EXTERNAL", "defects": ["CSCwj36941", "CSCwj36943"]}}, "adp": [{"affected": [{"vendor": "cisco", "product": "webex_teams", "cpes": ["cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.0.13464.0", "status": "affected"}, {"version": "3.0.13538.0", "status": "affected"}, {"version": "3.0.13588.0", "status": "affected"}, {"version": "3.0.14154.0", "status": "affected"}, {"version": "3.0.14234.0", "status": "affected"}, {"version": "3.0.14375.0", "status": "affected"}, {"version": "3.0.14741.0", "status": "affected"}, {"version": "3.0.14866.0", "status": "affected"}, {"version": "3.0.15015.0", "status": "affected"}, {"version": "3.0.15036.0", "status": "affected"}, {"version": "3.0.15092.0", "status": "affected"}, {"version": "3.0.15131.0", "status": "affected"}, {"version": "3.0.15164.0", "status": "affected"}, {"version": "3.0.15221.0", "status": "affected"}, {"version": "3.0.15333.0", "status": "affected"}, {"version": "3.0.15410.0", "status": "affected"}, {"version": "3.0.15485.0", "status": "affected"}, {"version": "3.0.15645.0", "status": "affected"}, {"version": "3.0.15711.0", "status": "affected"}, {"version": "3.0.16040.0", "status": "affected"}, {"version": "3.0.16269.0", "status": "affected"}, {"version": "3.0.16273.0", "status": "affected"}, {"version": "3.0.16285.0", "status": "affected"}, {"version": "4.0", "status": "affected"}, {"version": "4.1", "status": "affected"}, {"version": "4.10", "status": "affected"}, {"version": "4.12", "status": "affected"}, {"version": "4.13", "status": "affected"}, {"version": "4.14", "status": "affected"}, {"version": "4.15", "status": "affected"}, {"version": "4.16", "status": "affected"}, {"version": "4.17", "status": "affected"}, {"version": "4.18", "status": "affected"}, {"version": "4.19", "status": "affected"}, {"version": "4.2", "status": "affected"}, {"version": "4.20", "status": "affected"}, {"version": "4.3", "status": "affected"}, {"version": "4.4", "status": "affected"}, {"version": "4.5", "status": "affected"}, {"version": "4.6", "status": "affected"}, {"version": "4.8", "status": "affected"}, {"version": "4.9", "status": "affected"}, {"version": "4.1.57", "status": "affected"}, {"version": "4.1.92", "status": "affected"}, {"version": "4.10.343", "status": "affected"}, {"version": "4.11.211", "status": "affected"}, {"version": "4.12.236", "status": "affected"}, {"version": "4.13.200", "status": "affected"}, {"version": "4.2.42", "status": "affected"}, {"version": "4.2.75", "status": "affected"}, {"version": "4.5.224", "status": "affected"}, {"version": "4.6.197", "status": "affected"}, {"version": "4.7.78", "status": "affected"}, {"version": "4.8.170", "status": "affected"}, {"version": "4.9.205", "status": "affected"}, {"version": "4.9.252", "status": "affected"}, {"version": "4.9.269", "status": "affected"}, {"version": "42.1.0.169", "status": "affected"}, {"version": "42.1.0.21190", "status": "affected"}, {"version": "42.1.0.2219", "status": "affected"}, {"version": "42.10", "status": "affected"}, {"version": "42.10.0.23814", "status": "affected"}, {"version": "42.10.0.24000", "status": "affected"}, {"version": "42.11", "status": "affected"}, {"version": "42.11.0.24187", "status": "affected"}, {"version": "42.12", "status": "affected"}, {"version": "42.12.0.24485", "status": "affected"}, {"version": "42.2", "status": "affected"}, {"version": "42.2.0.21338", "status": "affected"}, {"version": "42.2.0.21486", "status": "affected"}, {"version": "42.3", "status": "affected"}, {"version": "42.3.0.21576", "status": "affected"}, {"version": "42.4.1.22032", "status": "affected"}, {"version": "42.5.0.22259", "status": "affected"}, {"version": "42.6", "status": "affected"}, {"version": "42.6.0.22565", "status": "affected"}, {"version": "42.6.0.22645", "status": "affected"}, {"version": "42.7", "status": "affected"}, {"version": "42.7.0.22904", "status": "affected"}, {"version": "42.7.0.23054", "status": "affected"}, {"version": "42.8", "status": "affected"}, {"version": "42.8.0.23214", "status": "affected"}, {"version": "42.8.0.23281", "status": "affected"}, {"version": "42.9", "status": "affected"}, {"version": "42.9.0.23494", "status": "affected"}, {"version": "43.1", "status": "affected"}, {"version": "43.1.0.24716", "status": "affected"}, {"version": "43.2", "status": "affected"}, {"version": "43.2.0.25157", "status": "affected"}, {"version": "43.2.0.25211", "status": "affected"}, {"version": "43.3", "status": "affected"}, {"version": "43.3.0.25468", "status": "affected"}, {"version": "43.4", "status": "affected"}, {"version": "43.4.0.25788", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-18T03:55:23.962265Z", "id": "CVE-2024-20395", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-18T13:23:45.549Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:59:42.341Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-20395 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

dateReserved : 2023-11-08T15:08:07.659Z (string)

datePublished : 2024-07-17T16:32:07.102Z (string)

dateUpdated : 2024-08-01T21:59:42.341Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-07-17T16:32:07.102Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user. (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco Webex Teams (string)

versions : [ »

0 : { »

version : 3.0.13464.0 (string)

status : affected (string)

}

1 : { »

version : 3.0.13538.0 (string)

status : affected (string)

}

2 : { »

version : 3.0.13588.0 (string)

status : affected (string)

}

3 : { »

version : 3.0.14154.0 (string)

status : affected (string)

}

4 : { »

version : 3.0.14234.0 (string)

status : affected (string)

}

5 : { »

version : 3.0.14375.0 (string)

status : affected (string)

}

6 : { »

version : 3.0.14741.0 (string)

status : affected (string)

}

7 : { »

version : 3.0.14866.0 (string)

status : affected (string)

}

8 : { »

version : 3.0.15015.0 (string)

status : affected (string)

}

9 : { »

version : 3.0.15036.0 (string)

status : affected (string)

}

10 : { »

version : 3.0.15092.0 (string)

status : affected (string)

}

11 : { »

version : 3.0.15131.0 (string)

status : affected (string)

}

12 : { »

version : 3.0.15164.0 (string)

status : affected (string)

}

13 : { »

version : 3.0.15221.0 (string)

status : affected (string)

}

14 : { »

version : 3.0.15333.0 (string)

status : affected (string)

}

15 : { »

version : 3.0.15410.0 (string)

status : affected (string)

}

16 : { »

version : 3.0.15485.0 (string)

status : affected (string)

}

17 : { »

version : 3.0.15645.0 (string)

status : affected (string)

}

18 : { »

version : 3.0.15711.0 (string)

status : affected (string)

}

19 : { »

version : 3.0.16040.0 (string)

status : affected (string)

}

20 : { »

version : 3.0.16269.0 (string)

status : affected (string)

}

21 : { »

version : 3.0.16273.0 (string)

status : affected (string)

}

22 : { »

version : 3.0.16285.0 (string)

status : affected (string)

}

23 : { »

version : 4.0 (string)

status : affected (string)

}

24 : { »

version : 4.1 (string)

status : affected (string)

}

25 : { »

version : 4.10 (string)

status : affected (string)

}

26 : { »

version : 4.12 (string)

status : affected (string)

}

27 : { »

version : 4.13 (string)

status : affected (string)

}

28 : { »

version : 4.14 (string)

status : affected (string)

}

29 : { »

version : 4.15 (string)

status : affected (string)

}

30 : { »

version : 4.16 (string)

status : affected (string)

}

31 : { »

version : 4.17 (string)

status : affected (string)

}

32 : { »

version : 4.18 (string)

status : affected (string)

}

33 : { »

version : 4.19 (string)

status : affected (string)

}

34 : { »

version : 4.2 (string)

status : affected (string)

}

35 : { »

version : 4.20 (string)

status : affected (string)

}

36 : { »

version : 4.3 (string)

status : affected (string)

}

37 : { »

version : 4.4 (string)

status : affected (string)

}

38 : { »

version : 4.5 (string)

status : affected (string)

}

39 : { »

version : 4.6 (string)

status : affected (string)

}

40 : { »

version : 4.8 (string)

status : affected (string)

}

41 : { »

version : 4.9 (string)

status : affected (string)

}

42 : { »

version : 4.1.57 (string)

status : affected (string)

}

43 : { »

version : 4.1.92 (string)

status : affected (string)

}

44 : { »

version : 4.10.343 (string)

status : affected (string)

}

45 : { »

version : 4.11.211 (string)

status : affected (string)

}

46 : { »

version : 4.12.236 (string)

status : affected (string)

}

47 : { »

version : 4.13.200 (string)

status : affected (string)

}

48 : { »

version : 4.2.42 (string)

status : affected (string)

}

49 : { »

version : 4.2.75 (string)

status : affected (string)

}

50 : { »

version : 4.5.224 (string)

status : affected (string)

}

51 : { »

version : 4.6.197 (string)

status : affected (string)

}

52 : { »

version : 4.7.78 (string)

status : affected (string)

}

53 : { »

version : 4.8.170 (string)

status : affected (string)

}

54 : { »

version : 4.9.205 (string)

status : affected (string)

}

55 : { »

version : 4.9.252 (string)

status : affected (string)

}

56 : { »

version : 4.9.269 (string)

status : affected (string)

}

57 : { »

version : 42.1.0.169 (string)

status : affected (string)

}

58 : { »

version : 42.1.0.21190 (string)

status : affected (string)

}

59 : { »

version : 42.1.0.2219 (string)

status : affected (string)

}

60 : { »

version : 42.10 (string)

status : affected (string)

}

61 : { »

version : 42.10.0.23814 (string)

status : affected (string)

}

62 : { »

version : 42.10.0.24000 (string)

status : affected (string)

}

63 : { »

version : 42.11 (string)

status : affected (string)

}

64 : { »

version : 42.11.0.24187 (string)

status : affected (string)

}

65 : { »

version : 42.12 (string)

status : affected (string)

}

66 : { »

version : 42.12.0.24485 (string)

status : affected (string)

}

67 : { »

version : 42.2 (string)

status : affected (string)

}

68 : { »

version : 42.2.0.21338 (string)

status : affected (string)

}

69 : { »

version : 42.2.0.21486 (string)

status : affected (string)

}

70 : { »

version : 42.3 (string)

status : affected (string)

}

71 : { »

version : 42.3.0.21576 (string)

status : affected (string)

}

72 : { »

version : 42.4.1.22032 (string)

status : affected (string)

}

73 : { »

version : 42.5.0.22259 (string)

status : affected (string)

}

74 : { »

version : 42.6 (string)

status : affected (string)

}

75 : { »

version : 42.6.0.22565 (string)

status : affected (string)

}

76 : { »

version : 42.6.0.22645 (string)

status : affected (string)

}

77 : { »

version : 42.7 (string)

status : affected (string)

}

78 : { »

version : 42.7.0.22904 (string)

status : affected (string)

}

79 : { »

version : 42.7.0.23054 (string)

status : affected (string)

}

80 : { »

version : 42.8 (string)

status : affected (string)

}

81 : { »

version : 42.8.0.23214 (string)

status : affected (string)

}

82 : { »

version : 42.8.0.23281 (string)

status : affected (string)

}

83 : { »

version : 42.9 (string)

status : affected (string)

}

84 : { »

version : 42.9.0.23494 (string)

status : affected (string)

}

85 : { »

version : 43.1 (string)

status : affected (string)

}

86 : { »

version : 43.1.0.24716 (string)

status : affected (string)

}

87 : { »

version : 43.2 (string)

status : affected (string)

}

88 : { »

version : 43.2.0.25157 (string)

status : affected (string)

}

89 : { »

version : 43.2.0.25211 (string)

status : affected (string)

}

90 : { »

version : 43.3 (string)

status : affected (string)

}

91 : { »

version : 43.3.0.25468 (string)

status : affected (string)

}

92 : { »

version : 43.4 (string)

status : affected (string)

}

93 : { »

version : 43.4.0.25788 (string)

status : affected (string)

}

]

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : Unprotected Transport of Credentials (string)

type : cwe (string)

cweId : CWE-523 (string)

}

]

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j (string)

name : cisco-sa-webex-app-ZjNm8X8j (string)

}

]

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N (string)

baseScore : 6.4 (number)

baseSeverity : MEDIUM (string)

attackVector : ADJACENT_NETWORK (string)

attackComplexity : HIGH (string)

privilegesRequired : NONE (string)

userInteraction : REQUIRED (string)

scope : UNCHANGED (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

availabilityImpact : NONE (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-webex-app-ZjNm8X8j (string)

discovery : EXTERNAL (string)

defects : [ »

0 : CSCwj36941 (string)

1 : CSCwj36943 (string)

]

}

adp : [ »

0 : { »

affected : [ »

0 : { »

vendor : cisco (string)

product : webex_teams (string)

cpes : [ »

0 : cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:* (string)

1 : cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:* (string)

2 : cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:* (string)

3 : cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:* (string)

4 : cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:* (string)

5 : cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:* (string)

6 : cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:* (string)

7 : cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:* (string)

8 : cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:* (string)

9 : cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:* (string)

10 : cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:* (string)

11 : cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:* (string)

12 : cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:* (string)

13 : cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:* (string)

14 : cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:* (string)

15 : cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:* (string)

16 : cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:* (string)

17 : cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:* (string)

18 : cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:* (string)

19 : cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:* (string)

20 : cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:* (string)

21 : cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:* (string)

22 : cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:* (string)

23 : cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:* (string)

24 : cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:* (string)

25 : cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:* (string)

26 : cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:* (string)

27 : cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:* (string)

28 : cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:* (string)

29 : cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:* (string)

30 : cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:* (string)

31 : cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:* (string)

32 : cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:* (string)

33 : cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:* (string)

34 : cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:* (string)

35 : cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:* (string)

36 : cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:* (string)

37 : cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:* (string)

38 : cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:* (string)

39 : cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:* (string)

40 : cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:* (string)

41 : cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:* (string)

42 : cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:* (string)

43 : cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:* (string)

44 : cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:* (string)

45 : cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:* (string)

46 : cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:* (string)

47 : cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:* (string)

48 : cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:* (string)

49 : cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:* (string)

50 : cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:* (string)

51 : cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:* (string)

52 : cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:* (string)

53 : cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:* (string)

54 : cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:* (string)

55 : cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:* (string)

56 : cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:* (string)

57 : cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:* (string)

58 : cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:* (string)

59 : cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:* (string)

60 : cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:* (string)

61 : cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:* (string)

62 : cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:* (string)

63 : cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:* (string)

64 : cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:* (string)

65 : cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:* (string)

66 : cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:* (string)

67 : cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:* (string)

68 : cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:* (string)

69 : cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:* (string)

70 : cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:* (string)

71 : cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:* (string)

72 : cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:* (string)

73 : cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:* (string)

74 : cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:* (string)

75 : cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:* (string)

76 : cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:* (string)

77 : cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:* (string)

78 : cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:* (string)

79 : cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:* (string)

80 : cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:* (string)

81 : cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:* (string)

82 : cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:* (string)

83 : cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:* (string)

84 : cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:* (string)

85 : cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:* (string)

86 : cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:* (string)

87 : cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:* (string)

88 : cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:* (string)

89 : cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:* (string)

90 : cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:* (string)

91 : cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:* (string)

92 : cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:* (string)

93 : cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 3.0.13464.0 (string)

status : affected (string)

}

1 : { »

version : 3.0.13538.0 (string)

status : affected (string)

}

2 : { »

version : 3.0.13588.0 (string)

status : affected (string)

}

3 : { »

version : 3.0.14154.0 (string)

status : affected (string)

}

4 : { »

version : 3.0.14234.0 (string)

status : affected (string)

}

5 : { »

version : 3.0.14375.0 (string)

status : affected (string)

}

6 : { »

version : 3.0.14741.0 (string)

status : affected (string)

}

7 : { »

version : 3.0.14866.0 (string)

status : affected (string)

}

8 : { »

version : 3.0.15015.0 (string)

status : affected (string)

}

9 : { »

version : 3.0.15036.0 (string)

status : affected (string)

}

10 : { »

version : 3.0.15092.0 (string)

status : affected (string)

}

11 : { »

version : 3.0.15131.0 (string)

status : affected (string)

}

12 : { »

version : 3.0.15164.0 (string)

status : affected (string)

}

13 : { »

version : 3.0.15221.0 (string)

status : affected (string)

}

14 : { »

version : 3.0.15333.0 (string)

status : affected (string)

}

15 : { »

version : 3.0.15410.0 (string)

status : affected (string)

}

16 : { »

version : 3.0.15485.0 (string)

status : affected (string)

}

17 : { »

version : 3.0.15645.0 (string)

status : affected (string)

}

18 : { »

version : 3.0.15711.0 (string)

status : affected (string)

}

19 : { »

version : 3.0.16040.0 (string)

status : affected (string)

}

20 : { »

version : 3.0.16269.0 (string)

status : affected (string)

}

21 : { »

version : 3.0.16273.0 (string)

status : affected (string)

}

22 : { »

version : 3.0.16285.0 (string)

status : affected (string)

}

23 : { »

version : 4.0 (string)

status : affected (string)

}

24 : { »

version : 4.1 (string)

status : affected (string)

}

25 : { »

version : 4.10 (string)

status : affected (string)

}

26 : { »

version : 4.12 (string)

status : affected (string)

}

27 : { »

version : 4.13 (string)

status : affected (string)

}

28 : { »

version : 4.14 (string)

status : affected (string)

}

29 : { »

version : 4.15 (string)

status : affected (string)

}

30 : { »

version : 4.16 (string)

status : affected (string)

}

31 : { »

version : 4.17 (string)

status : affected (string)

}

32 : { »

version : 4.18 (string)

status : affected (string)

}

33 : { »

version : 4.19 (string)

status : affected (string)

}

34 : { »

version : 4.2 (string)

status : affected (string)

}

35 : { »

version : 4.20 (string)

status : affected (string)

}

36 : { »

version : 4.3 (string)

status : affected (string)

}

37 : { »

version : 4.4 (string)

status : affected (string)

}

38 : { »

version : 4.5 (string)

status : affected (string)

}

39 : { »

version : 4.6 (string)

status : affected (string)

}

40 : { »

version : 4.8 (string)

status : affected (string)

}

41 : { »

version : 4.9 (string)

status : affected (string)

}

42 : { »

version : 4.1.57 (string)

status : affected (string)

}

43 : { »

version : 4.1.92 (string)

status : affected (string)

}

44 : { »

version : 4.10.343 (string)

status : affected (string)

}

45 : { »

version : 4.11.211 (string)

status : affected (string)

}

46 : { »

version : 4.12.236 (string)

status : affected (string)

}

47 : { »

version : 4.13.200 (string)

status : affected (string)

}

48 : { »

version : 4.2.42 (string)

status : affected (string)

}

49 : { »

version : 4.2.75 (string)

status : affected (string)

}

50 : { »

version : 4.5.224 (string)

status : affected (string)

}

51 : { »

version : 4.6.197 (string)

status : affected (string)

}

52 : { »

version : 4.7.78 (string)

status : affected (string)

}

53 : { »

version : 4.8.170 (string)

status : affected (string)

}

54 : { »

version : 4.9.205 (string)

status : affected (string)

}

55 : { »

version : 4.9.252 (string)

status : affected (string)

}

56 : { »

version : 4.9.269 (string)

status : affected (string)

}

57 : { »

version : 42.1.0.169 (string)

status : affected (string)

}

58 : { »

version : 42.1.0.21190 (string)

status : affected (string)

}

59 : { »

version : 42.1.0.2219 (string)

status : affected (string)

}

60 : { »

version : 42.10 (string)

status : affected (string)

}

61 : { »

version : 42.10.0.23814 (string)

status : affected (string)

}

62 : { »

version : 42.10.0.24000 (string)

status : affected (string)

}

63 : { »

version : 42.11 (string)

status : affected (string)

}

64 : { »

version : 42.11.0.24187 (string)

status : affected (string)

}

65 : { »

version : 42.12 (string)

status : affected (string)

}

66 : { »

version : 42.12.0.24485 (string)

status : affected (string)

}

67 : { »

version : 42.2 (string)

status : affected (string)

}

68 : { »

version : 42.2.0.21338 (string)

status : affected (string)

}

69 : { »

version : 42.2.0.21486 (string)

status : affected (string)

}

70 : { »

version : 42.3 (string)

status : affected (string)

}

71 : { »

version : 42.3.0.21576 (string)

status : affected (string)

}

72 : { »

version : 42.4.1.22032 (string)

status : affected (string)

}

73 : { »

version : 42.5.0.22259 (string)

status : affected (string)

}

74 : { »

version : 42.6 (string)

status : affected (string)

}

75 : { »

version : 42.6.0.22565 (string)

status : affected (string)

}

76 : { »

version : 42.6.0.22645 (string)

status : affected (string)

}

77 : { »

version : 42.7 (string)

status : affected (string)

}

78 : { »

version : 42.7.0.22904 (string)

status : affected (string)

}

79 : { »

version : 42.7.0.23054 (string)

status : affected (string)

}

80 : { »

version : 42.8 (string)

status : affected (string)

}

81 : { »

version : 42.8.0.23214 (string)

status : affected (string)

}

82 : { »

version : 42.8.0.23281 (string)

status : affected (string)

}

83 : { »

version : 42.9 (string)

status : affected (string)

}

84 : { »

version : 42.9.0.23494 (string)

status : affected (string)

}

85 : { »

version : 43.1 (string)

status : affected (string)

}

86 : { »

version : 43.1.0.24716 (string)

status : affected (string)

}

87 : { »

version : 43.2 (string)

status : affected (string)

}

88 : { »

version : 43.2.0.25157 (string)

status : affected (string)

}

89 : { »

version : 43.2.0.25211 (string)

status : affected (string)

}

90 : { »

version : 43.3 (string)

status : affected (string)

}

91 : { »

version : 43.3.0.25468 (string)

status : affected (string)

}

92 : { »

version : 43.4 (string)

status : affected (string)

}

93 : { »

version : 43.4.0.25788 (string)

status : affected (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-07-18T03:55:23.962265Z (string)

id : CVE-2024-20395 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-18T13:23:45.549Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-01T21:59:42.341Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j (string)

name : cisco-sa-webex-app-ZjNm8X8j (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20395", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.659Z", "datePublished": "2024-07-17T16:32:07.102Z", "dateUpdated": "2024-07-18T13:23:45.549Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-07-17T16:32:07.102Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information.\r\n\r This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such as images. An attacker could exploit this vulnerability by sending a message with embedded media that is stored on a messaging server to a targeted user. If the attacker can observe transmitted traffic in a privileged network position, a successful exploit could allow the attacker to capture session token information from insecurely transmitted requests and possibly reuse the captured session information to take further actions as the targeted user."}], "affected": [{"vendor": "Cisco", "product": "Cisco Webex Teams", "versions": [{"version": "3.0.13464.0", "status": "affected"}, {"version": "3.0.13538.0", "status": "affected"}, {"version": "3.0.13588.0", "status": "affected"}, {"version": "3.0.14154.0", "status": "affected"}, {"version": "3.0.14234.0", "status": "affected"}, {"version": "3.0.14375.0", "status": "affected"}, {"version": "3.0.14741.0", "status": "affected"}, {"version": "3.0.14866.0", "status": "affected"}, {"version": "3.0.15015.0", "status": "affected"}, {"version": "3.0.15036.0", "status": "affected"}, {"version": "3.0.15092.0", "status": "affected"}, {"version": "3.0.15131.0", "status": "affected"}, {"version": "3.0.15164.0", "status": "affected"}, {"version": "3.0.15221.0", "status": "affected"}, {"version": "3.0.15333.0", "status": "affected"}, {"version": "3.0.15410.0", "status": "affected"}, {"version": "3.0.15485.0", "status": "affected"}, {"version": "3.0.15645.0", "status": "affected"}, {"version": "3.0.15711.0", "status": "affected"}, {"version": "3.0.16040.0", "status": "affected"}, {"version": "3.0.16269.0", "status": "affected"}, {"version": "3.0.16273.0", "status": "affected"}, {"version": "3.0.16285.0", "status": "affected"}, {"version": "4.0", "status": "affected"}, {"version": "4.1", "status": "affected"}, {"version": "4.10", "status": "affected"}, {"version": "4.12", "status": "affected"}, {"version": "4.13", "status": "affected"}, {"version": "4.14", "status": "affected"}, {"version": "4.15", "status": "affected"}, {"version": "4.16", "status": "affected"}, {"version": "4.17", "status": "affected"}, {"version": "4.18", "status": "affected"}, {"version": "4.19", "status": "affected"}, {"version": "4.2", "status": "affected"}, {"version": "4.20", "status": "affected"}, {"version": "4.3", "status": "affected"}, {"version": "4.4", "status": "affected"}, {"version": "4.5", "status": "affected"}, {"version": "4.6", "status": "affected"}, {"version": "4.8", "status": "affected"}, {"version": "4.9", "status": "affected"}, {"version": "4.1.57", "status": "affected"}, {"version": "4.1.92", "status": "affected"}, {"version": "4.10.343", "status": "affected"}, {"version": "4.11.211", "status": "affected"}, {"version": "4.12.236", "status": "affected"}, {"version": "4.13.200", "status": "affected"}, {"version": "4.2.42", "status": "affected"}, {"version": "4.2.75", "status": "affected"}, {"version": "4.5.224", "status": "affected"}, {"version": "4.6.197", "status": "affected"}, {"version": "4.7.78", "status": "affected"}, {"version": "4.8.170", "status": "affected"}, {"version": "4.9.205", "status": "affected"}, {"version": "4.9.252", "status": "affected"}, {"version": "4.9.269", "status": "affected"}, {"version": "42.1.0.169", "status": "affected"}, {"version": "42.1.0.21190", "status": "affected"}, {"version": "42.1.0.2219", "status": "affected"}, {"version": "42.10", "status": "affected"}, {"version": "42.10.0.23814", "status": "affected"}, {"version": "42.10.0.24000", "status": "affected"}, {"version": "42.11", "status": "affected"}, {"version": "42.11.0.24187", "status": "affected"}, {"version": "42.12", "status": "affected"}, {"version": "42.12.0.24485", "status": "affected"}, {"version": "42.2", "status": "affected"}, {"version": "42.2.0.21338", "status": "affected"}, {"version": "42.2.0.21486", "status": "affected"}, {"version": "42.3", "status": "affected"}, {"version": "42.3.0.21576", "status": "affected"}, {"version": "42.4.1.22032", "status": "affected"}, {"version": "42.5.0.22259", "status": "affected"}, {"version": "42.6", "status": "affected"}, {"version": "42.6.0.22565", "status": "affected"}, {"version": "42.6.0.22645", "status": "affected"}, {"version": "42.7", "status": "affected"}, {"version": "42.7.0.22904", "status": "affected"}, {"version": "42.7.0.23054", "status": "affected"}, {"version": "42.8", "status": "affected"}, {"version": "42.8.0.23214", "status": "affected"}, {"version": "42.8.0.23281", "status": "affected"}, {"version": "42.9", "status": "affected"}, {"version": "42.9.0.23494", "status": "affected"}, {"version": "43.1", "status": "affected"}, {"version": "43.1.0.24716", "status": "affected"}, {"version": "43.2", "status": "affected"}, {"version": "43.2.0.25157", "status": "affected"}, {"version": "43.2.0.25211", "status": "affected"}, {"version": "43.3", "status": "affected"}, {"version": "43.3.0.25468", "status": "affected"}, {"version": "43.4", "status": "affected"}, {"version": "43.4.0.25788", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unprotected Transport of Credentials", "type": "cwe", "cweId": "CWE-523"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-ZjNm8X8j", "name": "cisco-sa-webex-app-ZjNm8X8j"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-webex-app-ZjNm8X8j", "discovery": "EXTERNAL", "defects": ["CSCwj36941", "CSCwj36943"]}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20395", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-18T03:55:23.962265Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:webex_teams:3.0.13464.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.13538.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.13588.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14154.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14234.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14375.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14741.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.14866.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15015.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15036.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15092.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15131.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15164.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15221.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15333.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15410.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15485.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15645.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.15711.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16040.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16269.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16273.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:3.0.16285.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1.57:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.1.92:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.10.343:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.11.211:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.12.236:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.13.200:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2.42:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.2.75:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.5.224:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.6.197:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.7.78:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.8.170:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.205:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.252:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:4.9.269:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.169:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.21190:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.1.0.2219:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10.0.23814:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.10.0.24000:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.11.0.24187:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.12.0.24485:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2.0.21338:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.2.0.21486:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.3.0.21576:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.4.1.22032:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.5.0.22259:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6.0.22565:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.6.0.22645:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7.0.22904:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.7.0.23054:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8.0.23214:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.8.0.23281:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:42.9.0.23494:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.1.0.24716:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2.0.25157:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.2.0.25211:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.3.0.25468:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:webex_teams:43.4.0.25788:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "webex_teams", "versions": [{"status": "affected", "version": "3.0.13464.0"}, {"status": "affected", "version": "3.0.13538.0"}, {"status": "affected", "version": "3.0.13588.0"}, {"status": "affected", "version": "3.0.14154.0"}, {"status": "affected", "version": "3.0.14234.0"}, {"status": "affected", "version": "3.0.14375.0"}, {"status": "affected", "version": "3.0.14741.0"}, {"status": "affected", "version": "3.0.14866.0"}, {"status": "affected", "version": "3.0.15015.0"}, {"status": "affected", "version": "3.0.15036.0"}, {"status": "affected", "version": "3.0.15092.0"}, {"status": "affected", "version": "3.0.15131.0"}, {"status": "affected", "version": "3.0.15164.0"}, {"status": "affected", "version": "3.0.15221.0"}, {"status": "affected", "version": "3.0.15333.0"}, {"status": "affected", "version": "3.0.15410.0"}, {"status": "affected", "version": "3.0.15485.0"}, {"status": "affected", "version": "3.0.15645.0"}, {"status": "affected", "version": "3.0.15711.0"}, {"status": "affected", "version": "3.0.16040.0"}, {"status": "affected", "version": "3.0.16269.0"}, {"status": "affected", "version": "3.0.16273.0"}, {"status": "affected", "version": "3.0.16285.0"}, {"status": "affected", "version": "4.0"}, {"status": "affected", "version": "4.1"}, {"status": "affected", "version": "4.10"}, {"status": "affected", "version": "4.12"}, {"status": "affected", "version": "4.13"}, {"status": "affected", "version": "4.14"}, {"status": "affected", "version": "4.15"}, {"status": "affected", "version": "4.16"}, {"status": "affected", "version": "4.17"}, {"status": "affected", "version": "4.18"}, {"status": "affected", "version": "4.19"}, {"status": "affected", "version": "4.2"}, {"status": "affected", "version": "4.20"}, {"status": "affected", "version": "4.3"}, {"status": "affected", "version": "4.4"}, {"status": "affected", "version": "4.5"}, {"status": "affected", "version": "4.6"}, {"status": "affected", "version": "4.8"}, {"status": "affected", "version": "4.9"}, {"status": "affected", "version": "4.1.57"}, {"status": "affected", "version": "4.1.92"}, {"status": "affected", "version": "4.10.343"}, {"status": "affected", "version": "4.11.211"}, {"status": "affected", "version": "4.12.236"}, {"status": "affected", "version": "4.13.200"}, {"status": "affected", "version": "4.2.42"}, {"status": "affected", "version": "4.2.75"}, {"status": "affected", "version": "4.5.224"}, {"status": "affected", "version": "4.6.197"}, {"status": "affected", "version": "4.7.78"}, {"status": "affected", "version": "4.8.170"}, {"status": "affected", "version": "4.9.205"}, {"status": "affected", "version": "4.9.252"}, {"status": "affected", "version": "4.9.269"}, {"status": "affected", "version": "42.1.0.169"}, {"status": "affected", "version": "42.1.0.21190"}, {"status": "affected", "version": "42.1.0.2219"}, {"status": "affected", "version": "42.10"}, {"status": "affected", "version": "42.10.0.23814"}, {"status": "affected", "version": "42.10.0.24000"}, {"status": "affected", "version": "42.11"}, {"status": "affected", "version": "42.11.0.24187"}, {"status": "affected", "version": "42.12"}, {"status": "affected", "version": "42.12.0.24485"}, {"status": "affected", "version": "42.2"}, {"status": "affected", "version": "42.2.0.21338"}, {"status": "affected", "version": "42.2.0.21486"}, {"status": "affected", "version": "42.3"}, {"status": "affected", "version": "42.3.0.21576"}, {"status": "affected", "version": "42.4.1.22032"}, {"status": "affected", "version": "42.5.0.22259"}, {"status": "affected", "version": "42.6"}, {"status": "affected", "version": "42.6.0.22565"}, {"status": "affected", "version": "42.6.0.22645"}, {"status": "affected", "version": "42.7"}, {"status": "affected", "version": "42.7.0.22904"}, {"status": "affected", "version": "42.7.0.23054"}, {"status": "affected", "version": "42.8"}, {"status": "affected", "version": "42.8.0.23214"}, {"status": "affected", "version": "42.8.0.23281"}, {"status": "affected", "version": "42.9"}, {"status": "affected", "version": "42.9.0.23494"}, {"status": "affected", "version": "43.1"}, {"status": "affected", "version": "43.1.0.24716"}, {"status": "affected", "version": "43.2"}, {"status": "affected", "version": "43.2.0.25157"}, {"status": "affected", "version": "43.2.0.25211"}, {"status": "affected", "version": "43.3"}, {"status": "affected", "version": "43.3.0.25468"}, {"status": "affected", "version": "43.4"}, {"status": "affected", "version": "43.4.0.25788"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-18T13:15:14.500Z"}}]}}