Think you have a false positive on this rule?

Sid 1-41409

Message

POLICY-OTHER Cisco WebEx explicit use of web plugin

Summary

An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programing interface (API) response parser within the extension. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

Impact

CVSS base score 8.8 CVSS impact score 5.9 CVSS exploitability score 2.8 confidentialityImpact HIGH integrityImpact HIGH availabilityImpact HIGH

CVE-2017-3823:

CVSS base score 8.8

CVSS impact score 5.9

CVSS exploitability score 2.8

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

CVE-2017-6753:

CVSS base score 8.8

CVSS impact score 5.9

CVSS exploitability score 2.8

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2017-3823: An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programing interface (API) response parser within the extension. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

CVE-2017-6753: A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. The following versions of the Cisco WebEx browser extensions are affected: Versions prior to 1.0.12 of the Cisco WebEx extension on Google Chrome, Versions prior to 1.0.12 of the Cisco WebEx extension on Mozilla Firefox. Cisco Bug IDs: CSCvf15012 CSCvf15020 CSCvf15030 CSCvf15033 CSCvf15036 CSCvf15037.

Affected systems

  • cisco activetouchgeneralplugin_container 105
  • cisco download_manager 2.1.0.9
  • cisco gpccontainer_class 10031.6.2017.0125
  • cisco webex 1.0.6
  • cisco webexmeetingcenter 2.6_base
  • cisco webexmeetingcenter 2.6_mr1
  • cisco webexmeetingcenter 2.6_mr2
  • cisco webexmeetingcenter 2.6_mr3
  • cisco webexmeetingcenter 2.7_base
  • cisco webexmeetingcenter 2.7_mr1
  • cisco webexmeetingcenter 2.7_mr2
  • cisco webexmeetingcenter t29_base
  • cisco webexmeetingcenter t30_base
  • cisco webexmeetingcenter t31_base
  • cisco webexmeetingsserver 2.0_base
  • cisco webexmeetingsserver 2.0_mr2
  • cisco webexmeetingsserver 2.0_mr3
  • cisco webexmeetingsserver 2.0_mr4
  • cisco webexmeetingsserver 2.0_mr5
  • cisco webexmeetingsserver 2.0_mr6
  • cisco webexmeetingsserver 2.0_mr7
  • cisco webexmeetingsserver 2.0_mr8
  • cisco webexmeetingsserver 2.0_mr9
  • cisco webexmeetingsserver 2.5_base
  • cisco webexmeetingsserver 2.5_mr1
  • cisco webexmeetingsserver 2.5_mr2
  • cisco webexmeetingsserver 2.5_mr3
  • cisco webexmeetingsserver 2.5_mr4
  • cisco webexmeetingsserver 2.5_mr5
  • cisco webexmeetingsserver 2.5_mr6
  • cisco webexmeetingsserver 2.6_base
  • cisco webexmeetingsserver 2.6_mr1
  • cisco webexmeetingsserver 2.6_mr2
  • cisco webexmeetingsserver 2.6_mr3
  • cisco webexmeetingsserver 2.7_base
  • cisco webexmeetingsserver 2.7_mr1
  • cisco webexmeetingsserver 2.7_mr2
  • cisco webexeventcenter t30_base
  • cisco webexeventcenter t31_base
  • cisco webexeventcenter t32_base
  • cisco webexmeetingcenter t32_base
  • cisco webexmeetings t30base
  • cisco webexmeetingsserver 1.1_base
  • cisco webexmeetingsserver 1.5.1.6
  • cisco webexmeetingsserver 1.5.1.131
  • cisco webexmeetingsserver 1.5_base
  • cisco webexmeetingsserver 2.0.1.107
  • cisco webexmeetingsserver 2.5.1.5
  • cisco webexmeetingsserver 2.5.1.29
  • cisco webexmeetingsserver 2.5.99.2
  • cisco webexmeetingsserver 2.6.0
  • cisco webexmeetingsserver 2.6.1.39
  • cisco webexmeetingsserver 2.7.1
  • cisco webexmeetingsserver 2.8_base
  • cisco webexmeetingsserver_2.0 mr2
  • cisco webexmeetingsserver_2.0 mr3
  • cisco webexmeetingsserver_2.0 mr4
  • cisco webexmeetingsserver_2.0 mr5
  • cisco webexmeetingsserver_2.0 mr6
  • cisco webexmeetingsserver_2.0 mr7
  • cisco webexmeetingsserver_2.0 mr8
  • cisco webexmeetingsserver_2.0 mr9
  • cisco webexmeetingsserver2.0mr8_patch 1
  • cisco webexmeetingsserver2.0mr9_patch 1
  • cisco webexmeetingsserver2.0mr9_patch 2
  • cisco webexmeetingsserver2.0mr9_patch 3
  • cisco webexmeetingsserver_2.5 mr1
  • cisco webexmeetingsserver_2.5 mr2
  • cisco webexmeetingsserver_2.5 mr3
  • cisco webexmeetingsserver_2.5 mr4
  • cisco webexmeetingsserver_2.5 mr5
  • cisco webexmeetingsserver_2.5 mr6
  • cisco webexmeetingsserver2.5mr2_patch 1
  • cisco webexmeetingsserver2.5mr5_patch 1
  • cisco webexmeetingsserver2.5mr6_patch 1
  • cisco webexmeetingsserver2.5mr6_patch 2
  • cisco webexmeetingsserver2.5mr6_patch 3
  • cisco webexmeetingsserver2.5mr6_patch 4
  • cisco webexmeetingsserver_2.6 mr1
  • cisco webexmeetingsserver_2.6 mr2
  • cisco webexmeetingsserver_2.6 mr3
  • cisco webexmeetingsserver2.6mr1_patch 1
  • cisco webexmeetingsserver2.6mr2_patch 1
  • cisco webexmeetingsserver2.6mr3_patch 1
  • cisco webexmeetingsserver2.6mr3_patch 2
  • cisco webexmeetingsserver_2.7 mr1
  • cisco webexmeetingsserver_2.7 mr2
  • cisco webexmeetingsserver2.7mr1_patch 1
  • cisco webexmeetingsserver2.7mr2_patch 1
  • cisco webexsupportcenter t30_base
  • cisco webexsupportcenter t31_base
  • cisco webexsupportcenter t32_base
  • cisco webextrainingcenter t30_base
  • cisco webextrainingcenter t31_base
  • cisco webextrainingcenter t32_base

Ease of attack

CVE-2017-3823:

Access Vector

Access Complexity

Authentication

CVE-2017-6753:

Access Vector

Access Complexity

Authentication

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex