var-201611-0159
Vulnerability from variot
A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior to 1.9.3, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0. Vendors have confirmed this vulnerability Bug ID CSCva75942 and CSCvb67878 It is released as.A third party may execute arbitrary code. This issue being tracked by Cisco Bug ID CSCva75942 and CSCvb67878. Cisco Meeting Server (formerly known as Acano Conferencing Server, CMS) and so on are products of Cisco (Cisco). CMS is a set of conference server software including audio and video; Cisco Meeting App is a set of applications for creating, joining and running conference video systems. A buffer overflow vulnerability exists in several Cisco products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "meeting server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.0.0"
},
{
"model": "meeting app",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.8.0"
},
{
"model": "meeting server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.9.0"
},
{
"model": "meeting server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.8_base"
},
{
"model": "meeting app",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.9.0"
},
{
"model": "meeting server",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "(acano server)"
},
{
"model": "meeting application",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.8.35"
},
{
"model": "meeting application",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "(acano apps)"
},
{
"model": "meeting server",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "1.9.x (acano server)"
},
{
"model": "meeting server",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.9.3"
},
{
"model": "meeting server",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.8.16"
},
{
"model": "meeting server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meeting apps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meeting app",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "acano server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9"
},
{
"model": "acano server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.8"
},
{
"model": "meeting server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "meeting apps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.8.35"
},
{
"model": "meeting app",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.8"
},
{
"model": "acano server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.3"
},
{
"model": "acano server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.8.16"
}
],
"sources": [
{
"db": "BID",
"id": "94073"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:meeting_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:meeting_app",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "94073"
}
],
"trust": 0.3
},
"cve": "CVE-2016-6447",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-6447",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-95267",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-6447",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-6447",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-6447",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-95267",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-6447",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior to 1.9.3, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0. Vendors have confirmed this vulnerability Bug ID CSCva75942 and CSCvb67878 It is released as.A third party may execute arbitrary code. \nThis issue being tracked by Cisco Bug ID CSCva75942 and CSCvb67878. Cisco Meeting Server (formerly known as Acano Conferencing Server, CMS) and so on are products of Cisco (Cisco). CMS is a set of conference server software including audio and video; Cisco Meeting App is a set of applications for creating, joining and running conference video systems. A buffer overflow vulnerability exists in several Cisco products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6447"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "BID",
"id": "94073"
},
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "VULMON",
"id": "CVE-2016-6447"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6447",
"trust": 2.9
},
{
"db": "BID",
"id": "94073",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1037180",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-95267",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6447",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"db": "BID",
"id": "94073"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"id": "VAR-201611-0159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-95267"
}
],
"trust": 0.6714285999999999
},
"last_update_date": "2024-11-23T23:05:34.403000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20161102-cms",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms"
},
{
"title": "Multiple Cisco Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65236"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-bugs-in-900-series-routers-prime-home-server/121765/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161102-cms"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/94073"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1037180"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6447"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6447"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-bugs-in-900-series-routers-prime-home-server/121765/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"db": "BID",
"id": "94073"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-95267"
},
{
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"db": "BID",
"id": "94073"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-95267"
},
{
"date": "2016-11-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"date": "2016-11-02T00:00:00",
"db": "BID",
"id": "94073"
},
{
"date": "2016-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"date": "2016-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"date": "2016-11-03T21:59:04.217000",
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-95267"
},
{
"date": "2017-07-29T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6447"
},
{
"date": "2016-11-24T01:07:00",
"db": "BID",
"id": "94073"
},
{
"date": "2016-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005731"
},
{
"date": "2016-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-006"
},
{
"date": "2024-11-21T02:56:09.110000",
"db": "NVD",
"id": "CVE-2016-6447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Meeting Server and Meeting Vulnerability to execute arbitrary code in application",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005731"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-006"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…