Lucene search
K

42 matches found

NCSC
NCSC
added 2026/02/06 9:22 a.m.9 views

Vulnerability fixed in Cisco Meeting Management

Cisco has fixed a vulnerability in Cisco Meeting Management. The vulnerability is in the Certificate Management feature of Cisco Meeting Management, which contains incorrect input validation within the Web-based management interface. This allows authenticated remote attackers to upload arbitrary...

8.8CVSS5.7AI score0.00384EPSS
Exploits0References1
CNVD
CNVD
added 2026/02/06 12:0 a.m.7 views

Cisco Meeting Management (CMM) Code Issues Vulnerability

Cisco Meeting Management CMM is a management tool for Cisco Meeting Server, a Cisco local videoconferencing platform from Cisco USA. A code issue vulnerability exists in Cisco Meeting Management that stems from improper input validation in certain parts of the web-based management interface, whic...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/05 7:23 p.m.6 views

CVE-2026-20098

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2026/02/04 5:16 p.m.9 views

CVE-2026-20098

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS0.00384EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/04 4:11 p.m.7 views

EUVD-2026-5426

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 4:11 p.m.20 views

CVE-2026-20098

Cisco Meeting Management is affected in the Certificate Management feature. The CVE-2026-20098 issue arises from improper input validation in the web-based management interface, allowing an authenticated remote attacker (with at least the video operator role) to upload arbitrary files, execute co...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/04 4:11 p.m.6 views

CVE-2026-20098 Cisco Meeting Management Arbitrary File Upload Vulnerability

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 4:11 p.m.30 views

CVE-2026-20098 Cisco Meeting Management Arbitrary File Upload Vulnerability

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS0.00384EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:11 p.m.7 views

CVE-2026-20098

A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.8 views

Cisco Meeting Management 代码问题漏洞

Cisco Meeting Management CMM is a management tool for Cisco Meeting Server, a Cisco local videoconferencing platform from Cisco USA. A code issue vulnerability exists in Cisco Meeting Management that stems from improper input validation in certain parts of the web-based management interface, whic...

8.8CVSS6.3AI score0.00384EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.5 views

PT-2026-6080

Name of the Vulnerable Software and Affected Versions Cisco Meeting Management affected versions not specified Description A flaw exists in the Certificate Management feature that could allow a remote attacker with valid credentials video operator role or higher to upload arbitrary files, execute...

9CVSS6.2AI score0.00384EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-18222

Malicious code in bioql PyPI...

6.5CVSS5AI score0.00379EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-2156

Malicious code in bioql PyPI...

9.9CVSS9.3AI score0.01159EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:49 a.m.4 views

CVE-2024-20507

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

6.5CVSS6.2AI score0.00379EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.6 views

The vulnerability of the application software interface of the Cisco Meeting Management subsystem allows a perpetrator to escalate their privileges.

The vulnerability of the application programming interface of the Cisco Meeting Management subsystem relates to the improper handling of insufficient privileges. Exploiting this vulnerability allows a malicious actor to enhance their privileges through specially created requests...

9.9CVSS8.1AI score0.01159EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/17 1:50 p.m.6 views

CVE-2025-0830 Stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x

A stored Cross-site Scripting XSS vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS7.8AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:30 a.m.11 views

CVE-2025-20156

A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...

9.9CVSS6.9AI score0.01159EPSS
Exploits0References1
NCSC
NCSC
added 2025/01/23 1:56 p.m.9 views

Vulnerability fixed in Cisco Meeting Management

Cisco has fixed a vulnerability in Cisco Meeting Management. The vulnerability is located in Cisco Meeting Management's REST API, which allows remote, authenticated attackers with low privileges to elevate their privileges to administrator level through inadequate authorization enforcement. This...

9.9CVSS6.6AI score0.01159EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/01/23 6:21 a.m.37 views

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It...

9.9CVSS7.7AI score0.98557EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2025/01/22 5:15 p.m.2 views

CVE-2025-20156

A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...

9.9CVSS7.4AI score0.01159EPSS
Exploits0References4
Rows per page
Query Builder