Скачать или смотреть WebEx Meeting Tampering | Schedule meeting on behalf of ANY arbitrary user without his/her consent

Legit Functionality: In WebEx, user can give permission to other user(s) to host/schedule any meeting on his/her behalf. Untill or unless NO ONE can host/schedule any meeting on ANYONE's behalf.

Vulnerability: In this scenario, Attacker can schedule/host ANY meeting on behalf of ANY user in Organisation WITHOUT that user's consent and knowledge.

Description
===========
Whenever Attacker schedule a meeting by replacing his own hostID (WebEx User ID) with victim's hostID(WebEx User ID), that meeting sceduled on actally victim's calender without his/her consent/knowledge.

Thanks received from Cisco: https://bst.cloudapps.cisco.com/bugse...

Relative Tags
============
webex vulnerability,webex vulnerability 2020,webex vulnerability cve,webex vulnerability exploit,webex vulnerability patch,cisco webex vulnerability,webex security vulnerability,cisco webex vulnerability 2020,webex teams vulnerability,webex exploit,cisco webex exploit,webex vulnerability exploit