CVE-2016-6447 Information

Description

A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1 Acano Server releases prior to 1.8.16 and prior to 1.9.3 Cisco Meeting App releases prior to 1.9.8 Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/94073 http://www.securitytracker.com/id/1037180 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8