Vulnerabilities > Cisco > Meeting Server > 2.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-01 | CVE-2023-20255 | Unspecified vulnerability in Cisco Meeting Server A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.3 |
| 2021-10-21 | CVE-2021-40122 | Improper Resource Shutdown or Release vulnerability in Cisco Meeting Server A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2020-02-19 | CVE-2020-3160 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. | 5.3 |
| 2019-06-20 | CVE-2019-1623 | OS Command Injection vulnerability in Cisco Meeting Server A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. | 6.7 |
| 2019-02-08 | CVE-2019-1676 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. | 7.5 |
| 2018-10-05 | CVE-2018-0439 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Meeting Server A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0359 | Session Fixation vulnerability in Cisco Meeting Server 2.3.0 A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid user session identifier, aka Session Fixation. | 5.5 |
| 2018-06-07 | CVE-2018-0263 | Insecure Default Initialization of Resource vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. | 7.4 |
| 2017-11-16 | CVE-2017-12311 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it receives an illegal H.264 frame. | 5.8 |