What is the severity of CVE-2018-0380?

CVE-2018-0380 has been rated with a medium severity level due to its potential for exploitation through malicious file vectors.

How do I fix CVE-2018-0380?

To remediate CVE-2018-0380, update Cisco Webex Meetings to the latest version that addresses these vulnerabilities.

What types of files are associated with CVE-2018-0380?

CVE-2018-0380 is associated with Advanced Recording Format (.arf) and Webex Recording Format (.wrf) files.

Can CVE-2018-0380 be exploited through email attachments?

Yes, CVE-2018-0380 can be exploited by sending a malicious .arf or .wrf file via email, tricking users into opening it.

Which versions of Cisco Webex Meetings are affected by CVE-2018-0380?

CVE-2018-0380 affects multiple versions of Cisco Webex Meetings, including versions t30, t31, t31.20, and t31.23.

Vulnerability/
CVE-2018-0380

medium

5.5

CWE

399

18/7/2018

29/11/2024

CVE-2018-0380

First published: Wed Jul 18 2018(Updated: )

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could cause an affected player to crash, resulting in a denial of service (DoS) condition. The Cisco Webex players are applications that are used to play back Webex meetings that have been recorded by an online meeting attendee. The Webex Network Recording Player for .arf files can be automatically installed when the user accesses a recording that is hosted on a Webex server. The Webex Player for .wrf files can be downloaded manually. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvh70253, CSCvh70268, CSCvh72272, CSCvh72281, CSCvh72285, CSCvi60477, CSCvi60485, CSCvi60490, CSCvi60520, CSCvi60529, CSCvi60533.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Webex Meetings	=t30
Cisco Webex Meetings	=t31
Cisco Webex Meetings	=t31.20
Cisco Webex Meetings	=t31.23
Cisco Webex Meetings	=t31.23.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0380?
CVE-2018-0380 has been rated with a medium severity level due to its potential for exploitation through malicious file vectors.
How do I fix CVE-2018-0380?
To remediate CVE-2018-0380, update Cisco Webex Meetings to the latest version that addresses these vulnerabilities.
What types of files are associated with CVE-2018-0380?
CVE-2018-0380 is associated with Advanced Recording Format (.arf) and Webex Recording Format (.wrf) files.
Can CVE-2018-0380 be exploited through email attachments?
Yes, CVE-2018-0380 can be exploited by sending a malicious .arf or .wrf file via email, tricking users into opening it.
Which versions of Cisco Webex Meetings are affected by CVE-2018-0380?
CVE-2018-0380 affects multiple versions of Cisco Webex Meetings, including versions t30, t31, t31.20, and t31.23.

agent/type
agent/softwarecombine
agent/severity
agent/author
agent/references
agent/weakness
agent/first-publish-date
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco webex meetings
version/cisco webex meetings/t30
version/cisco webex meetings/t31
version/cisco webex meetings/t31.20
version/cisco webex meetings/t31.23
version/cisco webex meetings/t31.23.2