Guest

Preview Tool

Cisco Bug: CSCvt09232 - Cisco Webex Meetings for Windows Insecure DLL Search Order

Last Modified

Mar 04, 2020

Products (1)

  • Cisco Webex Meetings Online

Known Affected Releases

WBS40.1.6

Description (partial)

Symptom:
Cisco Webex Meetings Center for Windows insecurely searches for DLL libraries in the system path. Systems that have configured path environment variables to include directories that allow user write privileges could allow attackers to leverage this behavior to cause the application to load malicious libraries.

Conditions:
System in non-default configuration with unsafe path environment variables.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.