A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest access via ID and passcode option is set to Legacy mode. An attacker could exploit this vulnerability by sending meeting requests to an affected system. A successful exploit could allow the attacker to determine the values of meeting room unique identifiers, possibly allowing the attacker to conduct further exploits.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-11-08T18:00:00Z
Updated: 2024-11-26T14:21:44.623Z
Reserved: 2018-08-17T00:00:00
Link: CVE-2018-15446
Vulnrichment
Updated: 2024-08-05T09:54:03.478Z
NVD
Status : Modified
Published: 2018-11-08T18:29:00.413
Modified: 2024-11-21T03:50:49.273
Link: CVE-2018-15446
Redhat
No data.