What is the severity of CVE-2021-1410?

CVE-2021-1410 is considered a medium severity vulnerability due to potential unauthorized access risks within organizations.

How do I fix CVE-2021-1410?

To mitigate CVE-2021-1410, ensure that users are updated to the latest version of Cisco Webex Meetings which contains the necessary security patches.

Who is affected by CVE-2021-1410?

CVE-2021-1410 affects organizations using Cisco Webex Meetings where users can manage distribution lists.

What type of vulnerability is CVE-2021-1410?

CVE-2021-1410 is an authorization bypass vulnerability that allows modification of distribution lists by unauthorized users.

Can CVE-2021-1410 be exploited remotely?

Yes, CVE-2021-1410 can be exploited by authenticated remote attackers to modify distribution lists of other users.

Vulnerability/
CVE-2021-1410

medium

4.3

CWE

284

18/11/2024

CVE-2021-1410: Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability

First published: Mon Nov 18 2024(Updated: )

A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Webex Meetings Client

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3

Frequently Asked Questions

What is the severity of CVE-2021-1410?
CVE-2021-1410 is considered a medium severity vulnerability due to potential unauthorized access risks within organizations.
How do I fix CVE-2021-1410?
To mitigate CVE-2021-1410, ensure that users are updated to the latest version of Cisco Webex Meetings which contains the necessary security patches.
Who is affected by CVE-2021-1410?
CVE-2021-1410 affects organizations using Cisco Webex Meetings where users can manage distribution lists.
What type of vulnerability is CVE-2021-1410?
CVE-2021-1410 is an authorization bypass vulnerability that allows modification of distribution lists by unauthorized users.
Can CVE-2021-1410 be exploited remotely?
Yes, CVE-2021-1410 can be exploited by authenticated remote attackers to modify distribution lists of other users.

agent/references
agent/title
agent/weakness
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
agent/last-modified-date
collector/mitre-cve
source/MITRE
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco webex meetings client

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.