{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:42:47.158","vulnerabilities":[{"cve":{"id":"CVE-2020-3501","sourceIdentifier":"psirt@cisco.com","published":"2020-08-17T18:15:13.993","lastModified":"2024-11-21T05:31:12.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web site. An attacker with a valid Webex account could exploit these vulnerabilities by persuading a user to follow a URL that is designed to return malicious path parameters to the affected software. A successful exploit could allow the attacker to obtain restricted information from other Webex users."},{"lang":"es","value":"Múltiples vulnerabilidades en la interfaz de usuario de Cisco Webex Meetings Desktop App podrían permitir a un atacante remoto autenticado obtener información restringida de otros usuarios de Webex. Estas vulnerabilidades son debido a una comprobación de entrada inapropiada de los parámetros devueltos a la aplicación desde un sitio web. Un atacante con una cuenta de Webex válida podría explotar estas vulnerabilidades al persuadir a un usuario a seguir una URL diseñada para devolver parámetros de ruta maliciosos al software afectado. Una explotación con éxito podría permitir al atacante obtener información restringida de otros usuarios de Webex."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N","baseScore":4.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:N/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*","versionEndExcluding":"39.5.24","matchCriteriaId":"5FDF9D9B-D876-4C89-AE65-1F54EF19B2AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*","versionStartIncluding":"40.4.0","versionEndExcluding":"40.4.6","matchCriteriaId":"A54DDCE9-2907-4833-97BE-197726344481"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*","versionStartIncluding":"40.4.10","versionEndExcluding":"40.6.0","matchCriteriaId":"99F3A597-ABD0-4404-AF49-CEC9650C3FB0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings:39.7.4:*:*:*:*:*:*:*","matchCriteriaId":"8A9F521F-5D30-4DE7-A308-D1EC7F17C5FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*","matchCriteriaId":"61D1081F-87E8-4E8B-BEBD-0F239E745586"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*","matchCriteriaId":"8D138973-02B0-4FEC-A646-FF1278DA1EDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*","matchCriteriaId":"30B55A5B-8C5E-4ECB-9C85-A8A3A3030850"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*","matchCriteriaId":"14DBEC10-0641-441C-BE15-8F72C1762DCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*","matchCriteriaId":"4D6CF856-093A-4E89-A71D-50A2887C265B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*","matchCriteriaId":"B36A9043-0621-43CD-BFCD-66529F937859"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*","matchCriteriaId":"8842B42E-C412-4356-9F54-DFC53B683D3E"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-g3zevBcp","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-client-g3zevBcp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}