#VU5854 Improper input validation in Cisco Meeting Server
Vulnerability identifier: #VU5854
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Meeting Server
Client/Desktop applications /
Multimedia software
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote authenticated attacker to cause denial of service.
The vulnerability exists due to improper input validation when processing requests sent to port 2829/TCP in internal API of the Cisco Meeting Server (CMS). A remote unauthenticated attacker can send a specially crafted request to port 2829/TCP and cause denial of service.
Successful exploitation of the vulnerability may allow an attacker to perform denial of service (DoS) attack against vulnerable service.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Cisco Meeting Server: 2.0 - 2.1.3
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
