Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
605
VMScore

CVE-2018-0371

Published: 21/06/2018 Updated: 09/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Subscribe to Meeting Server

Vulnerability Summary

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Web Admin Interface of an affected Cisco Meeting Server. A successful exploit could allow the malicious user to restart the system, terminating all ongoing calls and resulting in a DoS condition on the affected product. This vulnerability affects the following releases of Cisco Meeting Server: Acano X-Series, Cisco Meeting Server 1000, Cisco Meeting Server 2000. Cisco Bug IDs: CSCvi48624.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco meeting server 2.2.5

Vendor Advisories

Cisco: Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is due to insufficient validation of incoming HTTP requests An attacker could exploit this vulnerability by sending a crafted HTTP request to the Web Admin Interface of an ...

References

CWE-20https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-meeting-server-doshttp://www.securitytracker.com/id/1041175http://www.securityfocus.com/bid/104582https://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-meeting-server-dos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook