Configuration error in Cisco Meeting Server - CVE-2018-0262
Published: May 7, 2018
Vulnerability identifier: #VU12386
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0262
CWE-ID: CWE-16
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Meeting Server
Cisco Meeting Server
Detailed vulnerability description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information the target system.
The weakness exists due to incorrect default configuration of the device, which can expose internal interfaces and ports on the external interface. A remote attacker can gain unauthenticated access to configuration and database files as well as sensitive meeting information.
The weakness exists due to incorrect default configuration of the device, which can expose internal interfaces and ports on the external interface. A remote attacker can gain unauthenticated access to configuration and database files as well as sensitive meeting information.
How to mitigate CVE-2018-0262
Update to version 2.2.11.