Privilege escalation in Cisco Meeting Server
Published: 2017-08-24
Risk: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: CVE-2017-6794
CWE-ID: CWE-77
Exploitation vector: Local
Public exploit: N/A
Vulnerable software
Cisco Meeting Server
Client/Desktop applications / Multimedia software

Vendor: Cisco Systems, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Command injection

EUVDB-ID: #VU8004

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-6794

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local attacker with administrator privileges to perform command injection on the target system.

The weakness exists in the CLI command-parsing code of Cisco Meeting Server and is caused by insufficient validation of user-supplied input to certain CLI commands. A local attacker who authenticates to the affected application with valid administrator credentials can submit a specially crafted CLI command; the injected command is executed, and the attacker gains root privileges on the system.

Successful exploitation of the vulnerability results in privilege escalation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cisco Meeting Server: 1.8 - 2.2.0

External links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170823-cms


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must hold valid credentials and successfully authenticate to the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
