Cisco warned customers of 12 vulnerabilities across its product line this week, including a critical vulnerability in the software that powers its conferencing product, WebEx Meetings Server.
The company stressed on Wednesday that version 2.6 of its WebEx Meetings Server is vulnerable to a remote command execution vulnerability. If exploited, the bug could enable an attacker to inject arbitrary commands on a system with elevated privileges.
The issue, the most pressing among all the fixes pushed by Cisco this week, stems from the insufficient sanitization of user-supplied data, according to an advisory published by the company on Wednesday. U.S. CERT also published an alert today with links to all 12 Cisco advisories.