CVE-2018-0262

{"id": "CVE-2018-0262", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2018-05-02T22:29:00.857", "references": [{"url": "http://www.securityfocus.com/bid/104079", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1040819", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-cms-cx", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/104079", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1040819", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-cms-cx", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-16"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. The vulnerability is due to incorrect default configuration of the device, which can expose internal interfaces and ports on the external interface of the system. A successful exploit could allow the attacker to gain unauthenticated access to configuration and database files as well as sensitive meeting information on an affected system. Additionally, if the Traversal Using Relay NAT (TURN) service is enabled and utilizing Transport Layer Security (TLS) connections, an attacker could utilize TURN credentials to forward traffic to device daemons, allowing for remote exploitation. This vulnerability affects Cisco Meeting Server (CMS) Acano X-series platforms that are running a CMS Software release prior to 2.2.11. Cisco Bug IDs: CSCvg76469."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Meeting Server podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a los componentes o a informaci\u00f3n sensible de un sistema afectado, lo que conduce a la ejecuci\u00f3n remota de c\u00f3digo. La vulnerabilidad se debe a la configuraci\u00f3n por defecto incorrecta del dispositivo, que puede exponer interfaces internas y puertos en la interfaz externa del sistema. Un exploit con \u00e9xito podr\u00eda permitir que el atacante obtenga acceso no autenticado a archivos de configuraci\u00f3n y base de datos, as\u00ed como a informaci\u00f3n sensible de reuniones en un sistema afectado. Adem\u00e1s, si el servicio TURN (Traversal Using Relay NAT) est\u00e1 activado y emplea conexiones TLS (Transport Layer Security), un atacante podr\u00eda utilizar credenciales TURN para reenviar tr\u00e1fico a los demonios del dispositivo, lo que permite su explotaci\u00f3n remota. Esta vulnerabilidad afecta a las plataformas Cisco Meeting Server (CMS) Acano X-series que ejecutan una versi\u00f3n de CMS Software anterior a la 2.2.11. Cisco Bug IDs: CSCvg76469."}], "lastModified": "2024-11-21T03:37:50.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:meeting_server:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8F666C0-4AD4-4F44-B705-3607EB961A69"}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB0F4CF7-87D8-43D2-9C66-717A2939C374"}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08EB74B6-570C-49D9-8C53-8944618E99C2"}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D54E7F1E-A9DB-4192-AC10-B778D2A5D079"}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A51C118-1785-4E1D-B4C5-F3DEA92AE952"}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A3F0329-4C57-4E10-94BB-7F5CCA043085"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}