Cisco Meeting Server Multiple Vulnerabilities
Last Update Date:
20 Oct 2016
Release Date:
13 Oct 2016
3594
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified on Cisco Meeting Server, which could allow a attacker cause exploit this vulnerability to obtain sensitive information, bypass authentication and conduct a cross-site request forgery (CSRF) attack on the target system.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Cisco Meeting Server prior to 2.0
- Acano Server prior to 1.8.18 and prior to 1.9.6
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to Acano Server version 1.8.18, Acano Server version 1.9.6 or Cisco Meeting Server 2.0.6
Vulnerability Identifier
Source
Related Link
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms1
- https://www.us-cert.gov/ncas/current-activity/2016/10/19/Cisco-Releases-Security-Updates
- http://securitytracker.com/id/1037000
Share with