Vulnerability identifier: #VU8423

Vulnerability risk: Medium

CVSSv3.1: 5.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-12249

CWE-ID: CWE-16

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Meeting Server
Client/Desktop applications / Multimedia software

Vendor: Cisco Systems, Inc

Description
The vulnerability allows a remote authenticated attacker to gain unauthenticated or unauthorized access to components of sensitive information.

The weakness exists due to incorrect default configuration of the TURN server. A remote attacker can use a TURN server, depending on the deployment model and CMS services in use to perform an unauthorized connection to a Call Bridge, a Web Bridge, or a database cluster and gain unauthorized access to sensitive meeting information. Successful exploitation of the vulnerability is able if the attacker has valid credentials for the TURN server.

Mitigation
The vulnerability is addressed in the following versions: 2.0.16, 2.1.11, 2.2.6.

Vulnerable software versions

Cisco Meeting Server: 2.0.1 - 2.1.4

---

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170913-cmsturn

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.