Meeting Server
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12264 | Med | 0.35 | 5.3 | 0.02 | Oct 5, 2017 | A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit… | ||
| CVE-2024-48353 | 0.00 | — | 0.00 | Nov 1, 2024 | Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information. | |||
| CVE-2024-48352 | 0.00 | — | 0.00 | Nov 1, 2024 | Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID. | |||
| CVE-2024-24091 | 0.00 | — | 0.01 | Feb 8, 2024 | Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface. | |||
| CVE-2023-20255 | 0.00 | — | 0.01 | Nov 1, 2023 | A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this… | |||
| CVE-2021-40122 | 0.00 | — | 0.01 | Oct 21, 2021 | A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper handling of large series of message requests. An attacker could… | |||
| CVE-2021-1524 | 0.00 | — | 0.01 | Jun 16, 2021 | A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly validated. An attacker could… | |||
| CVE-2020-3160 | 0.00 | — | 0.01 | Feb 19, 2020 | A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and… | |||
| CVE-2019-1623 | 0.00 | — | 0.01 | Jun 20, 2019 | A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insufficient input validation during the execution of a vulnerable CLI command. An… | |||
| CVE-2019-1676 | 0.00 | — | 0.02 | Feb 8, 2019 | A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. The vulnerability is due to insufficient… | |||
| CVE-2019-1678 | 0.00 | — | 0.01 | Feb 7, 2019 | A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation… | |||
| CVE-2018-15446 | 0.00 | — | 0.02 | Nov 8, 2018 | A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest access via ID and passcode option… |
- risk 0.35cvss 5.3epss 0.02
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit…
- CVE-2024-48353Nov 1, 2024risk 0.00cvss —epss 0.00
Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information.
- CVE-2024-48352Nov 1, 2024risk 0.00cvss —epss 0.00
Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.
- CVE-2024-24091Feb 8, 2024risk 0.00cvss —epss 0.01
Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.
- CVE-2023-20255Nov 1, 2023risk 0.00cvss —epss 0.01
A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this…
- CVE-2021-40122Oct 21, 2021risk 0.00cvss —epss 0.01
A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper handling of large series of message requests. An attacker could…
- CVE-2021-1524Jun 16, 2021risk 0.00cvss —epss 0.01
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly validated. An attacker could…
- CVE-2020-3160Feb 19, 2020risk 0.00cvss —epss 0.01
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and…
- CVE-2019-1623Jun 20, 2019risk 0.00cvss —epss 0.01
A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insufficient input validation during the execution of a vulnerable CLI command. An…
- CVE-2019-1676Feb 8, 2019risk 0.00cvss —epss 0.02
A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. The vulnerability is due to insufficient…
- CVE-2019-1678Feb 7, 2019risk 0.00cvss —epss 0.01
A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation…
- CVE-2018-15446Nov 8, 2018risk 0.00cvss —epss 0.02
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest access via ID and passcode option…
Page 2 of 2