CVE-2018-0280

Name of the Vulnerable Software and Affected Versions: Cisco Meeting Server versions 2.0 through 2.3

Description: A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this by sending a crafted RTP bitstream, potentially denying audio and video services by causing media process crashes.

Recommendations: For Cisco Meeting Server versions 2.0 through 2.3, update to a fixed release to resolve the issue. As a temporary workaround, consider restricting access to the RTP bitstream processing to minimize the risk of exploitation.