CVE-2016-6447

CWE-119 — Buffer Overflow4 documents4 sources

Severity

9.8CRITICAL

EPSS

7.6%

top 8.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Meeting APP Cisco Meeting Server

Timeline

PublishedNov 3

Latest updateMay 17

Description

A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior to 1.9.3, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDcisco/meeting_server1.8_base, 1.9.0, 2.0.0+2

▶NVDcisco/meeting_app1.8.0, 1.9.0+1

🔴Vulnerability Details

GHSA

GHSA-54fq-cr2j-w2qc: A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected syste↗2022-05-17

▶

CVEList

CVE-2016-6447: A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected syste↗2016-11-03

▶

📋Vendor Advisories

Cisco

Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability↗2016-11-02

▶