CVE - CVE-2019-15960

CVE-ID
CVE-2019-15960	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A vulnerability in the Webex Network Recording Admin page of Cisco Webex Meetings could allow an authenticated, remote attacker to elevate privileges in the context of the affected page. To exploit this vulnerability, the attacker must be logged in as a low-level administrator. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by submitting a crafted URL request to gain privileged access in the context of the affected page. A successful exploit could allow the attacker to elevate privileges in the Webex Recording Admin page, which could allow them to view or delete recordings that they would not normally be able to access.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CISCO:20191106 Cisco Webex Network Recording Admin Page Privilege Escalation Vulnerability URL:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wbs-privilege
Assigning CNA
Cisco Systems, Inc.
Date Record Created
20190906	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20190906)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)