Home/Product/cisco meeting server
Product

cisco meeting server

31 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-20255
< 3.6.1
A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cau
5.3MEDIUM
 CVE-2021-40122
<= 3.1
A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to ca
5.9MEDIUM
 CVE-2021-1524
>= 3.1 and < 3.1.1
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS
4.3MEDIUM
 CVE-2020-3197
all versions
A vulnerability in the API subsystem of Cisco Meetings App could allow an unauthenticated, remote attacker to retain and reuse the
5.3MEDIUM
 CVE-2020-3160
< 2.8.0
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an u
5.3MEDIUM
 CVE-2019-1623
>= 2.2.0 and < 2.2.14
A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbi
6.7MEDIUM
 CVE-2019-1794
all versions
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a
5.1MEDIUM
 CVE-2019-1676
>= 2.3.0 and < 2.3.9
A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an una
6.8MEDIUM
 CVE-2019-1678
all versions
A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) t
4.3MEDIUM
 CVE-2018-15446
all versions
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. T
5.3MEDIUM
 CVE-2018-0439
all versions
A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to c
8.8HIGH
 CVE-2018-0371
all versions
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial
6.5MEDIUM
 CVE-2018-0359
all versions
A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Ser
5.5MEDIUM
 CVE-2018-0263
< 2.2.13
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on inte
7.4HIGH
 CVE-2018-0280
all versions
A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthen
7.5HIGH
 CVE-2018-0262
all versions
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components
8.1HIGH
 CVE-2017-12362
< 2.2.2
A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system
6.5MEDIUM
 CVE-2017-12311
all versions
A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a C
5.8MEDIUM
 CVE-2017-12264
all versions
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a deni
5.3MEDIUM
 CVE-2017-12249
<= 2.0.15
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticat
9.1CRITICAL
 CVE-2017-6794
all versions
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform co
6.7MEDIUM
 CVE-2017-12224
all versions
A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authentic
6.5MEDIUM
 CVE-2017-6763
all versions
A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, re
7.5HIGH
 CVE-2017-3837
all versions
An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing
8.1HIGH
 CVE-2017-3830
all versions
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a de
7.5HIGH
 CVE-2016-6448
all versions
A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote at
9.8CRITICAL
 CVE-2016-6447
all versions
A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code
9.8CRITICAL
 CVE-2016-6446
all versions
A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a c
7.5HIGH
 CVE-2016-6445
all versions
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 an
9.1CRITICAL
 CVE-2016-6444
all versions
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (C
8.8HIGH
 CVE-2016-1451
all versions
Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencin
6.1MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh