Vulnerabilities > Cisco > Meeting Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-16 | CVE-2017-12311 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it receives an illegal H.264 frame. | 5.8 |
| 2017-10-05 | CVE-2017-12264 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.3 |
| 2017-09-07 | CVE-2017-6794 | Command Injection vulnerability in Cisco Meeting Server A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. | 6.7 |
| 2017-09-07 | CVE-2017-12224 | Information Exposure vulnerability in Cisco Meeting Server A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even though access should be denied. | 6.5 |
| 2016-07-15 | CVE-2016-1451 | Cross-site Scripting vulnerability in Cisco Meeting Server 1.7Base/1.8Base/1.9Base Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. | 6.1 |