admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#3138

Browse Source 
Auto-merge PR#3138
This commit is contained in:
CVE Team 2020-01-27 17:15:16 -05:00 committed by GitHub
commit 52ae5b436c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
2020/3xxx/CVE-2020-3131.json
View File

@ -17,8 +17,8 @@
"version": {
"version_data": [
{
"affected": "<",
"version_value": "n/a"
"affected": "=",
"version_value": "3.0.13131"
}
]
}
@ -37,16 +37,10 @@
"description_data": [
{
"lang": "eng",
"value": "[CVE-2020-3131_su] A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insufficient input validation when processing received adaptive cards. The attacker could exploit this vulnerability by sending an adaptive card with malicious content to an existing user of the Cisco Webex Teams client for Windows. A successful exploit could allow the attacker to cause the targeted user's client to crash continuously."
"value": "A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insufficient input validation when processing received adaptive cards. The attacker could exploit this vulnerability by sending an adaptive card with malicious content to an existing user of the Cisco Webex Teams client for Windows. A successful exploit could allow the attacker to cause the targeted user's client to crash continuously. This vulnerability was introduced in Cisco Webex Teams client for Windows Release 3.0.13131."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "[CVE-2020-3131_ex] "
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
@ -84,4 +78,4 @@
],
"discovery": "INTERNAL"
}
}
}