Every CVE whose affected-product data names Cisco Meeting Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2016-6447 — CVSS 9.8 (critical): A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an…
CVE-2016-6448 — CVSS 9.8 (critical): A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to…
CVE-2017-12249 — CVSS 9.1 (critical): A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated…
CVE-2016-6445 — CVSS 9.1 (critical): A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano…
CVE-2016-6444 — CVSS 8.8 (high): A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF)…
CVE-2018-0439 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a…
CVE-2017-3837 — CVSS 8.1 (high): An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server…
CVE-2018-0262 — CVSS 8.1 (high): A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or…
CVE-2017-6763 — CVSS 7.5 (high): A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote…
CVE-2018-0280 — CVSS 7.5 (high): A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated…
CVE-2017-3830 — CVSS 7.5 (high): A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of…
CVE-2016-6446 — CVSS 7.5 (high): A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected…
CVE-2018-0263 — CVSS 7.4 (high): A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal…
CVE-2019-1676 — CVSS 6.8 (medium): A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an…
CVE-2019-1623 — CVSS 6.7 (medium): A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary…
CVE-2017-6794 — CVSS 6.7 (medium): A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command…
CVE-2017-12362 — CVSS 6.5 (medium): A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system to…
CVE-2018-0371 — CVSS 6.5 (medium): A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of…
CVE-2017-12224 — CVSS 6.5 (medium): A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated…
CVE-2016-1451 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server)…
CVE-2021-40122 — CVSS 5.9 (medium): A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a…
CVE-2017-12311 — CVSS 5.8 (medium): A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco…
CVE-2018-0359 — CVSS 5.5 (medium): A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could…
CVE-2020-3160 — CVSS 5.3 (medium): A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an…
CVE-2020-3197 — CVSS 5.3 (medium): A vulnerability in the API subsystem of Cisco Meetings App could allow an unauthenticated, remote attacker to retain and reuse the…
CVE-2023-20255 — CVSS 5.3 (medium): A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a…
CVE-2018-15446 — CVSS 5.3 (medium): A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The…
CVE-2017-12264 — CVSS 5.3 (medium): A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of…
CVE-2019-1794 — CVSS 5.1 (medium): A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of…
CVE-2021-1524 — CVSS 4.3 (medium): A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS)…
CVE-2019-1678 — CVSS 4.3 (medium): A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco…