CVE-2018-0436 is a vulnerability in Cisco Webex Teams
Published on October 5, 2018
Cisco Webex Teams Information Disclosure and Modification Vulnerability
A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote attacker to view and modify data for an organization other than their own organization. The vulnerability exists because the affected software performs insufficient checks for associations between user accounts and organization accounts. An attacker who has administrator or compliance officer privileges for one organization account could exploit this vulnerability by using those privileges to view and modify data for another organization account. No customer data was impacted by this vulnerability.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2018-0436 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2018-0436
Want to know whenever a new CVE is published for Cisco Webex Teams? stack.watch will email you.
Affected Versions
Cisco Webex Teams Version n/a is affected by CVE-2018-0436Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.