#VU7681 Denial of service in Cisco Meeting Server


Published: 2017-08-03

Vulnerability identifier: #VU7681

Vulnerability risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-6763

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Meeting Server
Client/Desktop applications / Multimedia software

Vendor: Cisco Systems, Inc

Description
The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) due to improper validation of Fragmentation Unit (FU-A) protocol packets. A remote attacker can send a specially crafted H.264 FU-A packet through the affected application and trigger an unexpected restart of the CMS media process.

Successful exploitation of the vulnerability results in denial of service.
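The following added example (not Cisco's code, and not a reconstruction of the specific flaw, which the advisory does not detail) shows the kind of validation an H.264 receiver applies to FU-A packets before reassembly, following the RFC 6184 FU-A layout. The names `fu_a_feed` and `fu_ctx`, the `MAX_NAL` cap and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_NAL 65536  /* assumed reassembly cap, not a CMS value */

enum fu_result { FU_MORE, FU_DONE, FU_TOO_SHORT, FU_NOT_FU_A, FU_BAD_FLAGS,
                 FU_BAD_TYPE, FU_NO_START, FU_TOO_BIG };
struct fu_ctx { uint8_t nal[MAX_NAL]; size_t len; int active; };

/* Feed one RTP payload (RTP header already stripped) into the reassembler. */
enum fu_result fu_a_feed(struct fu_ctx *c, const uint8_t *p, size_t n)
{
    if (n < 2) return FU_TOO_SHORT;              /* FU indicator + FU header */
    if ((p[0] & 0x1F) != 28) return FU_NOT_FU_A; /* payload type 28 = FU-A */
    int start = p[1] & 0x80, end = p[1] & 0x40;
    uint8_t type = p[1] & 0x1F;
    if (start && end) return FU_BAD_FLAGS;       /* S and E never both set */
    if (type == 0 || type > 23) return FU_BAD_TYPE; /* only single NAL units */

    if (start) {
        /* Rebuild the NAL header: F+NRI from indicator, type from FU header. */
        c->nal[0] = (uint8_t)((p[0] & 0xE0) | type);
        c->len = 1;
        c->active = 1;
    } else if (!c->active) {
        return FU_NO_START;                      /* fragment without a start */
    } else if ((c->nal[0] & 0x1F) != type) {
        c->active = 0;                           /* type changed mid-unit */
        return FU_BAD_TYPE;
    }
    size_t frag = n - 2;
    if (frag > MAX_NAL - c->len) { c->active = 0; return FU_TOO_BIG; }
    memcpy(c->nal + c->len, p + 2, frag);
    c->len += frag;
    if (end) { c->active = 0; return FU_DONE; }
    return FU_MORE;
}

int main(void)
{
    static struct fu_ctx c;
    /* Constructed fragments: NRI=3, fragmented NAL type 5. */
    const uint8_t s[] = {0x7C, 0x85, 0xAA}, e[] = {0x7C, 0x45, 0xBB};
    const uint8_t bad[] = {0x7C, 0xC5};          /* S and E both set */
    return !(fu_a_feed(&c, s, sizeof s) == FU_MORE &&
             fu_a_feed(&c, e, sizeof e) == FU_DONE &&
             fu_a_feed(&c, bad, sizeof bad) == FU_BAD_FLAGS);
}
```

Every rejection path leaves the context in a defined state, so a malformed fragment is dropped rather than propagated into the decoder.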

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Cisco Meeting Server: 2.1.4


External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

