National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2018-0379

Change History

Initial Analysis - 9/20/2018 9:39:04 AM

Action Type Old Value New Value
Changed Reference Type
http://www.securityfocus.com/bid/104853 No Types Assigned
http://www.securityfocus.com/bid/104853 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1041347 No Types Assigned
http://www.securitytracker.com/id/1041347 Third Party Advisory, VDB Entry
Changed Reference Type
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce No Types Assigned
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce Vendor Advisory
Added CWE
CWE-119
Added CVSS V2
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V2 Metadata
Victim must voluntarily interact with attack mechanism
Added CVSS V3
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:* versions from (including) 31.0 up to (including) 31.23
     *cpe:2.3:a:cisco:webex_business_suite:31.23:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:* versions from (including) 32.0 up to (excluding) 32.15
     *cpe:2.3:a:cisco:webex_business_suite:32.15:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:* versions from (including) 33.0 up to (including) 33.2
     *cpe:2.3:a:cisco:webex_business_suite:33.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:webex_business_suite:33.1.1:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:webex_business_suite:33.2:*:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:cisco:webex_meeting_server:3.0:mr1:*:*:*:*:*:*
Added CPE Configuration
OR
     *cpe:2.3:a:cisco:webex_meetings_online:1.3.35:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:* versions up to (excluding) 1.3.35