VYPR
Critical severity9.1NVD Advisory· Published Oct 27, 2016· Updated Jun 17, 2026

CVE-2016-6445

CVE-2016-6445

Description

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:cisco:meeting_server:1.8.15:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:cisco:meeting_server:1.8.15:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:1.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:1.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:meeting_server:2.0.5:*:*:*:*:*:*:*
    • (no CPE)range: <2.0.6
  • Acano/Serverllm-create
    Range: <1.8.18, <1.9.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.