Lucene search
CiscoCVELIST:CVE-2016-6445HistoryOct 27, 2016 - 9:00 p.m.
CVE-2016-6445
2016-10-2721:00:00
cisco
www.cve.org
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user.
CNA Affected
[
{
"product": "Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6"
}
]
}
]Related
cve
cve
CVE-2016-6445
2016-10-27 21:59:17
openvas
openvas
Cisco Meeting Server Client Authentication Bypass Vulnerability
2016-11-02 00:00:00
cisco
cisco
Cisco Meeting Server Client Authentication Bypass Vulnerability
2016-10-12 16:00:00
prion
prion
Design/Logic Flaw
2016-10-27 21:59:00
nvd
nvd
CVE-2016-6445
2016-10-27 21:59:17
threatpost
threatpost
Cisco Patches Critical Bug In Video Conferencing Server Hardware
2016-10-13 11:56:30