VDB
CVE-2017-12367
CVE-2017-12367
PUBLISHED
CVSS 9.600000381469727 CRITICAL
A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCve11545, CSCve02843, CSCve11548.
EPSS 1.21% · 79.4th percentile
Risk Scores
CVSS 3.0
9.600000381469727
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
1.21%
79.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Cisco WebEx Recording Format and Advanced Recording Format Players | Cisco WebEx Recording Format and Advanced Recording Format Players |
| cisco | webex_meetings_server | t29, t30, t31.11.2 |
Timeline
- Nov 29, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score