Cisco Bug: CSCvt08611 - Webex Meetings Can Be Scheduled on Behalf of Another User
Jul 07, 2020
- Cisco Webex Meetings Online
Known Affected Releases
40.7.0 TBD WBS40.1.7
Symptom: This is a modification on the product to adopt new secure code best practices to enhance the security posture and resiliency of the product. Authorization checks fail to properly validate the source of meeting requests. By sending requests to a Cisco Webex Meetings site, another user could schedule Webex meetings on behalf of another user if the user could gain access to the numeric user ID. Conditions: Device running with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases