Meeting Server@2.0.0 Security Vulnerabilities and Issues — Meeting Server@2.0.0 CVE List

Lucene search

CiscoMeeting Server2.0.0

8 matches found

cve•added 2017/02/22 2:59 a.m.•46 views

CVE-2017-3837

An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the atta...

8.1CVSS7.7AI score0.00786EPSS

cve•added 2016/11/03 9:59 p.m.•45 views

CVE-2016-6447

A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior t...

9.8CVSS9.7AI score0.07588EPSS

cve•added 2017/09/07 9:29 p.m.•43 views

CVE-2017-6794

A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials. The vulnerability is...

7.2CVSS6.9AI score0.00206EPSS

cve•added 2016/10/27 9:59 p.m.•39 views

CVE-2016-6444

A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0.

8.8CVSS8.7AI score0.00194EPSS

cve•added 2018/10/05 2:29 p.m.•36 views

CVE-2018-0439

A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the ...

8.8CVSS9AI score0.00457EPSS

cve•added 2016/10/27 9:59 p.m.•34 views

CVE-2016-6446

A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0.

7.5CVSS7.5AI score0.00484EPSS

cve•added 2016/11/03 9:59 p.m.•33 views

CVE-2016-6448

A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano Se...

9.8CVSS9.7AI score0.07588EPSS

cve•added 2016/10/27 9:59 p.m.•31 views

CVE-2016-6445

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the ...

9.1CVSS9.3AI score0.0077EPSS