Arbitrary Code Execution Vulnerability in Cisco Meeting Server

Arbitrary Code Execution Vulnerability in Cisco Meeting Server

CVE-2016-6448 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano Server releases 1.9.x prior to Release 1.9.5, Acano Server releases 1.8.x prior to Release 1.8.17. More Information: CSCva76004. Known Affected Releases: 1.8.x 1.92.0.

Learn more about our Cis Benchmark Audit For Cisco.