CVE-2017-12362

CWE-3994 documents4 sources
Severity
6.5MEDIUM
EPSS
0.9%
top 24.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Meeting Server
Timeline
PublishedNov 30
Latest updateMay 13

Description

A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to video calls being made on systems with a particular configuration. An attacker could exploit this by knowing a valid URI that directs to a Cisco Meeting Server. An attacker could then make a video call and cause the system to reload. Cisco Bug IDs: CSCve65931.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco_meeting_serverCisco Meeting Server

🔴Vulnerability Details

2
GHSA
GHSA-4qfj-x73p-66v9: A vulnerability in Cisco Meeting Server versions prior to 22022-05-13
CVEList
CVE-2017-12362: A vulnerability in Cisco Meeting Server versions prior to 22017-11-30

📋Vendor Advisories

1
Cisco
Cisco Meeting Server Denial of Service Vulnerability2017-11-30
CVE-2017-12362 (MEDIUM CVSS 6.5) | A vulnerability in Cisco Meeting Se | cvebase.io