PT-2018-8708 · Cisco · Cisco Meeting Server

Published: 2018-05-02 · Updated: 2019-10-09 · CVE-2018-0262

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Cisco Meeting Server versions prior to 2.2.11
Description: A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. The issue is due to incorrect default configuration, exposing internal interfaces and ports on the external interface. A successful exploit could allow access to configuration and database files, as well as sensitive meeting information. If the Traversal Using Relay NAT (TURN) service is enabled with Transport Layer Security (TLS) connections, an attacker could use TURN credentials to forward traffic to device daemons for remote exploitation.
Recommendations: For versions prior to 2.2.11, update to version 2.2.11 or later to resolve the issue. As a temporary workaround, consider disabling the Traversal Using Relay NAT (TURN) service or restricting its use with Transport Layer Security (TLS) connections until a patch is applied. Additionally, review and correct the default configuration to prevent exposure of internal interfaces and ports on the external interface.

Fix

Weakness Enumeration

Related Identifiers

CVE-2018-0262

Affected Products

Cisco Meeting Server