CVE-2016-6447

EPSS 7.59%
Veröffentlicht 03.11.2016 21:59:04
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior to 1.9.3, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Meeting App Version1.8.0

Cisco ≫ Meeting App Version1.9.0

Cisco ≫ Meeting Server Version1.8_base

Cisco ≫ Meeting Server Version1.9.0

Cisco ≫ Meeting Server Version2.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.59%	0.914

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/94073

http://www.securitytracker.com/id/1037180

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-6447

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6447

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6447

EUVD