VDB
CVE-2017-12370
CVE-2017-12370
PUBLISHED
CVSS 6.800000190734863 MEDIUM
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084, CSCvg54850.
EPSS 2.15% · 84.6th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
2.15%
84.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Cisco WebEx Recording Format and Advanced Recording Format Players | Cisco WebEx Recording Format and Advanced Recording Format Players |
| cisco | webex_meetings | t30, t31 |
Exploit Intelligence
Timeline
- Nov 29, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score