In most cases this will be a maintenance upgrade to software that was previously purchased. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:Īdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner.
Cisco webex productivity tools mac beta install#
Customers may only install and expect support for software versions and feature sets for which they have purchased a license.
This is also documented in the article Check the Cisco Webex Productivity Tools Version for Windows.Ĭisco has released free software updates that address the vulnerability described in this advisory. To determine whether a vulnerable version of Cisco Webex Productivity Tools is installed on a Windows machine, users can right-click the Webex Productivity Tools icon on the Windows taskbar and select About from the menu a popup window displaying the currently installed version will open. This is also documented in the article Check the Cisco Webex Meetings Desktop App Version. menu entry a popup window displaying the currently installed version will open. To determine whether a vulnerable version of Cisco Webex Meetings Desktop App is installed on a Windows machine, users can launch the Cisco Webex Meetings application and click the gear icon in the top right of the application window, then choose the About. This vulnerability affects all Cisco Webex Meetings Desktop App releases prior to 33.6.6, and Cisco Webex Productivity Tools Releases 32.6.0 and later prior to 33.0.7, when running on a Microsoft Windows end-user system. This advisory is available at the following link: There are no workarounds that address this vulnerability. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools.Ĭisco has released software updates that address this vulnerability. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges.
Cisco webex productivity tools mac beta update#
An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. The vulnerability is due to insufficient validation of user-supplied parameters. A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user.
0 kommentar(er)
