Cisco Meeting_server
31 CVEs affecting Cisco Meeting_server. Latest disclosed: 2023-11-01. Critical: 4, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-6448 | Critical | 9.8 | 2016-11-03 | A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary c… |
CVE-2016-6447 | Critical | 9.8 | 2016-11-03 | A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This v… |
CVE-2017-12249 | Critical | 9.1 | 2017-09-13 | A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain u… |
CVE-2016-6445 | Critical | 9.1 | 2016-10-27 | A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18… |
CVE-2018-0439 | High | 8.8 | 2018-10-05 | A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request f… |
CVE-2016-6444 | High | 8.8 | 2016-10-27 | A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bri… |
CVE-2018-0262 | High | 8.1 | 2018-05-02 | A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information… |
CVE-2017-3837 | High | 8.1 | 2017-02-22 | An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authe… |
CVE-2018-0280 | High | 7.5 | 2018-05-17 | A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to c… |
CVE-2017-6763 | High | 7.5 | 2017-08-07 | A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a deni… |
CVE-2017-3830 | High | 7.5 | 2017-02-22 | A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) conditi… |
CVE-2016-6446 | High | 7.5 | 2016-10-27 | A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Informa… |
CVE-2018-0263 | High | 7.4 | 2018-06-07 | A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an… |
CVE-2019-1676 | Medium | 6.8 | 2019-02-08 | A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker… |
CVE-2019-1623 | Medium | 6.7 | 2019-06-20 | A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root us… |
CVE-2017-6794 | Medium | 6.7 | 2017-09-07 | A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate… |
CVE-2018-0371 | Medium | 6.5 | 2018-06-21 | A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition… |
CVE-2017-12362 | Medium | 6.5 | 2017-11-30 | A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system to reload, resulting in a den… |
CVE-2017-12224 | Medium | 6.5 | 2017-09-07 | A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to ente… |
CVE-2016-1451 | Medium | 6.1 | 2016-07-15 | Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 all… |