Responsible Vulnerability Disclosure CVE-2021-1221 – Hyperlink Injection Vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server

INTRODUCTION

eSec Forte Technologies Security Researcher – Abhinav Khanna found Hyperlink Injection vulnerability in the Cisco Webex Meetings and Cisco Webex Meetings Server and it has been assigned CVE-2021-1221.

Cisco WebEx is a cloud-based suite of productivity tools that keeps teams connected. Including WebEx Teams, WebEx Meetings, and WebEx Devices, this suite merges the web conferencing platform and the Spark team collaboration tool from Cisco.

 

 

Responsible Vulnerability Disclosure – Defect Advisory for Host Header Injection in Cisco Umbrella Dashboard

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found a Host Header Injection vulnerability in Cisco Umbrella Dashboard and a defect advisory was generated by Cisco for the same.

Cisco Umbrella is a taut cloud-driven Internet Gateway that fortifies users from all kinds of cyber proliferation, no matter the user’s environs. It is one of the most comfortable ways to safeguard the end users anywhere, in minutes.

Responsible Vulnerability Disclosure CVE-2021-1350 – Packet Flood Vulnerability in Cisco Umbrella Dashboard

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found a Packet Flood vulnerability in Cisco Umbrella Dashboard and it has been assigned CVE-2021-1350.

Cisco Umbrella is a taut cloud-driven Internet Gateway that fortifies users from all kinds of cyber proliferation, no matter the user’s environs. It is one of the most comfortable ways to safeguard the end users anywhere, in minutes.

Responsible Vulnerability Disclosure CVE-2019-16961 – Cross-Site Scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found Cross Site Scripting in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16961 by the MITRE.

Responsible Vulnerability Disclosure CVE-2019-16962 – HTML Injection vulnerability in Manage Engine DesktopCentral

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found a HTML Injection vulnerability in the Manage Engine DesktopCentral and it has been assigned CVE-2019-16962 by the MITRE.

Manage Engine DesktopCentral is a Unified Endpoint Management (UEM) solution that helps manage servers, desktops, virtual machines, mobile phones, tablets, Its features includes Patch Management, Software Deployment, Remote Desktop Sharing, IT Asset Management, Desktop Configurations, Service Pack Installation, Active Directory Reports, User Administration, Mobile Device Management and many more.

Responsible Vulnerability Disclosure CVE-2019-16954 – HTML Injection vulnerability in SolarWinds Web Help Desk

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found HTML Injection vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16954 by the MITRE.

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

Responsible Vulnerability Disclosure CVE-2019-16960 – Cross-site scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

eSecForte Technologies Security Researcher – Abhinav Khanna found a Cross-Site Scripting vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16960 by the MITRE.

Responsible Vulnerability Disclosure CVE-2019-16956 – Cross-site scripting vulnerability in SolarWinds Web Help Desk

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found Cross-Site Scripting in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16956 by the MITRE.

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

Responsible Vulnerability Disclosure CVE-2019-16959 – Formula Injection vulnerability in Solarwinds Web Help Desk

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found Formula Injection vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16959 by the MITRE.

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.

Responsible Vulnerability Disclosure CVE-2019-16957 – Cross-site scripting vulnerability in Solarwinds Web Help Desk

INTRODUCTION

eSecForte Technologies Security Researcher – Abhinav Khanna found a Cross-Site Scripting vulnerability in the Solarwinds Web Help Desk and it has been assigned CVE-2019-16957 by the MITRE.

Solarwinds Web Help Desk centralizes and automates ticketing management tasks so you can better support your customers. Keep track of tasks, including ticket assignment, routing, and escalation. Link incident tickets to a single problem for better organization, associate problem tickets with IT assets, and track the history of asset service requests.