Unauthorized Access Vulnerability in Cisco Meeting Server
CVE-2018-0263

7.4HIGH

Key Information:

Vendor
Cisco
Status
Cisco Meeting Server Unknown
Vendor
CVE Published:
7 June 2018

Summary

A vulnerability in Cisco Meeting Server could enable an unauthenticated adjacent attacker to access internal services on affected device interfaces. This issue arises from a misconfiguration that exposes sensitive internal interfaces and ports to the external network. A successful exploitation may lead to unauthorized access to critical configuration files, database contents, and sensitive meeting information. Organizations using Cisco Meeting Server should ensure they are running the latest software versions to mitigate this risk.

Affected Version(s)

Cisco Meeting Server unknown Cisco Meeting Server unknown

References

http://www.securityfocus.com/bid/104419
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041065
vdb-entryx_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.