Posted on 05/11/2020 5:14:22 PM PDT by piytar
Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited.
The vulnerability, tracked as CVE-2020-3142 and classified as high severity, affected Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites, releases earlier than 39.11.5 and 40.1.3. However, Cisco says the fixes apply only to the sites and users are not required to update their mobile or desktop Webex Meetings applications.
(Excerpt) Read more at securityweek.com ...
BTW, they claimed to have fixed it. I don’t believe them.
I an invited to a number of zoom meetings with just the link and no password needed.
perhaps the email invitations are sent only to those who will join so they feel there is no need for more security?
i don’t understand this arena (security) that well at all
What kind of sick depraved arschloch would join a WebEx meeting that he didn’t have to??!!
And there’s more: https://medium.com/@karthiksoft007/how-i-hacked-millions-of-cisco-webex-users-through-brute-force-7bed1ece13cb
Bkmk Cisco fail
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.