CVE-2016-6447
Published on: 11/03/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:11 PM UTC
Certain versions of Meeting App from Cisco contain the following vulnerability:
A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to 2.0.1, Acano Server releases prior to 1.8.16 and prior to 1.9.3, Cisco Meeting App releases prior to 1.9.8, Acano Meeting Apps releases prior to 1.8.35. More Information: CSCva75942 CSCvb67878. Known Affected Releases: 1.81.92.0.
- CVE-2016-6447 has been assigned by
[email protected] to track the vulnerability - currently rated as - currently rated as CRITICAL severity.
CVSS3 Score: 9.8 - CRITICAL
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | NONE | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 7.5 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability | Vendor Advisory tools.cisco.com text/html |
![]() |
Cisco Meeting Server and Meeting App CVE-2016-6447 Buffer Underflow Vulnerability | cve.report (archive) text/html |
![]() |
Cisco Meeting Server Buffer Underflow in Processing IPv6 Data Lets Remote Users Execute Arbitrary Code - SecurityTracker | www.securitytracker.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Cisco | Meeting App | 1.8.0 | All | All | All |
Application | Cisco | Meeting App | 1.9.0 | All | All | All |
Application | Cisco | Meeting App | 1.8.0 | All | All | All |
Application | Cisco | Meeting App | 1.9.0 | All | All | All |
Application | Cisco | Meeting Server | 1.8_base | All | All | All |
Application | Cisco | Meeting Server | 1.9.0 | All | All | All |
Application | Cisco | Meeting Server | 2.0.0 | All | All | All |
Application | Cisco | Meeting Server | 1.8_base | All | All | All |
Application | Cisco | Meeting Server | 1.9.0 | All | All | All |
Application | Cisco | Meeting Server | 2.0.0 | All | All | All |
- cpe:2.3:a:cisco:meeting_app:1.8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_app:1.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_app:1.8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_app:1.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:1.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:2.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:1.8_base:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:1.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:meeting_server:2.0.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE