CVE-2017-12362

Name of the Vulnerable Software and Affected Versions Cisco Meeting Server versions prior to 2.2.2

Description A issue in Cisco Meeting Server could allow an authenticated, remote attacker to cause the system to reload, resulting in a denial of service (DoS) condition. This is due to video calls being made on systems with a particular configuration. An attacker could exploit this by knowing a valid URI that directs to a Cisco Meeting Server and then making a video call to cause the system to reload.

Recommendations For versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Cisco Meeting Server to minimize the risk of exploitation. Avoid using URIs that direct to the Cisco Meeting Server for video calls until the issue is resolved.