PT-2017-16133 · Cisco · Cisco Meeting Server

Published 2017-02-22 · Updated 2017-07-25 · CVE-2017-3837

CVSS v3.1: 8.1 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Meeting Server versions prior to 2.1.2

Description

The issue allows an authenticated, remote attacker to retrieve memory contents, potentially leading to the disclosure of confidential information. Additionally, it could cause the application to crash unexpectedly, resulting in a denial of service condition. The attacker must be authenticated and have a valid session with the Web Bridge.

Recommendations

For versions prior to 2.1.2, update to version 2.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Web Bridge interface to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2017-3837

Affected Products

Cisco Meeting Server