CVE-2017-12249
Severity
9.1CRITICAL
EPSS
1.2%
top 20.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 13
Latest updateMay 13
Description
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability is due to an incorrect default configuration of the TURN server, which could expose internal interfaces and ports on the external interface of an affected system. An attacker could exploit this vulnerability by using a T…
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-9m39-hmv3-2f6w: A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker↗2022-05-13
CVEList▶
CVE-2017-12249: A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker↗2017-09-13
📋Vendor Advisories
1Cisco▶
Cisco Meeting Server TURN Server Unauthorized Access and Information Disclosure Vulnerability↗2017-09-13