CVE-2016-6448

Опубликовано: 03 нояб. 2016

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano Server releases 1.9.x prior to Release 1.9.5, Acano Server releases 1.8.x prior to Release 1.8.17. More Information: CSCva76004. Known Affected Releases: 1.8.x 1.92.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:meeting_server:1.8.15:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:cisco:meeting_server:2.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07588

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-rp77-2mhc-jvcr