Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
Users and administrators to review the following Cisco advisories and apply the necessary updates:
- Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability cisco-sa-webex-token-zPvEjKN
- Vulnerable Products
- This vulnerability affects the following versions of Cisco Webex Meetings sites and Cisco Webex Meetings Server:
- Cisco Webex Meetings sites releases WBS 39.5.25 and earlier, WBS 40.4.10 and earlier, or release WBS 40.6.0
- Cisco Webex Meetings Server releases 4.0MR3 and earlier
- Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability cisco-sa-webex-client-url-fcmpdfVY
- Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability cisco-sa-webex-client-mac-X7vp65BL
- TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability cisco-sa-tp-cmd-inj-7ZpWhvZb
- Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities cisco-sa-rv-routers-stack-vUxHmnNz
- Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities cisco-sa-rv-routers-injection-tWC7krKQ
- Small Business RV Series Routers Command Injection Vulnerabilities cisco-sa-rv-routers-Rj5JRfF8
