42 matches found
Vulnerability fixed in Cisco Meeting Management
Cisco has fixed a vulnerability in Cisco Meeting Management. The vulnerability is in the Certificate Management feature of Cisco Meeting Management, which contains incorrect input validation within the Web-based management interface. This allows authenticated remote attackers to upload arbitrary...
Cisco Meeting Management (CMM) Code Issues Vulnerability
Cisco Meeting Management CMM is a management tool for Cisco Meeting Server, a Cisco local videoconferencing platform from Cisco USA. A code issue vulnerability exists in Cisco Meeting Management that stems from improper input validation in certain parts of the web-based management interface, whic...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
EUVD-2026-5426
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098
Cisco Meeting Management is affected in the Certificate Management feature. The CVE-2026-20098 issue arises from improper input validation in the web-based management interface, allowing an authenticated remote attacker (with at least the video operator role) to upload arbitrary files, execute co...
CVE-2026-20098 Cisco Meeting Management Arbitrary File Upload Vulnerability
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098 Cisco Meeting Management Arbitrary File Upload Vulnerability
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
Cisco Meeting Management 代码问题漏洞
Cisco Meeting Management CMM is a management tool for Cisco Meeting Server, a Cisco local videoconferencing platform from Cisco USA. A code issue vulnerability exists in Cisco Meeting Management that stems from improper input validation in certain parts of the web-based management interface, whic...
PT-2026-6080
Name of the Vulnerable Software and Affected Versions Cisco Meeting Management affected versions not specified Description A flaw exists in the Certificate Management feature that could allow a remote attacker with valid credentials video operator role or higher to upload arbitrary files, execute...
EUVD-2024-18222
Malicious code in bioql PyPI...
EUVD-2025-2156
Malicious code in bioql PyPI...
CVE-2024-20507
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...
The vulnerability of the application software interface of the Cisco Meeting Management subsystem allows a perpetrator to escalate their privileges.
The vulnerability of the application programming interface of the Cisco Meeting Management subsystem relates to the improper handling of insufficient privileges. Exploiting this vulnerability allows a malicious actor to enhance their privileges through specially created requests...
CVE-2025-0830 Stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x
A stored Cross-site Scripting XSS vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-20156
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...
Vulnerability fixed in Cisco Meeting Management
Cisco has fixed a vulnerability in Cisco Meeting Management. The vulnerability is located in Cisco Meeting Management's REST API, which allows remote, authenticated attackers with low privileges to elevate their privileges to administrator level through inadequate authorization enforcement. This...
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It...
CVE-2025-20156
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...