PT-2018-8709 · Cisco · Cisco Meeting Server

Publicado

2018-06-07

Atualizado

2020-09-04

CVE-2018-0263

CVSS v3.1

7.4

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Cisco Meeting Server (CMS) versions prior to 2.2.13 Cisco Meeting Server (CMS) versions prior to 2.3.4

Description: A vulnerability in Cisco Meeting Server could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. This is due to incorrect default configuration, exposing internal interfaces and ports on the external interface. A successful exploit could allow the attacker to gain unauthenticated access to configuration and database files and sensitive meeting information.

Recommendations: For versions prior to 2.2.13, update to Release 2.2.13 or later. For versions prior to 2.3.4, update to Release 2.3.4 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-16CWE-1188

Identificadores relacionados

CVE-2018-0263

Produtos afetados

Cisco Meeting Server

PT-2018-8709 · Cisco · Cisco Meeting Server

CVE-2018-0263

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5