CVE-2016-6446

Published: Oct 27, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0.

Affected (9)

Products: Cisco: Meeting Server

Cisco

1 product

Meeting Server

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Cisco Meeting Server	Version 1.8.15
Cisco Meeting Server	Version 1.8_base
Cisco Meeting Server	Version 1.9.0
Cisco Meeting Server	Version 1.9.2
Cisco Meeting Server	Version 2.0.0
Cisco Meeting Server	Version 2.0.1
Cisco Meeting Server	Version 2.0.3
Cisco Meeting Server	Version 2.0.4
Cisco Meeting Server	Version 2.0.5

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/93782

Source: psirt@cisco.com

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms1

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/93782

Source: af854a3a-2127-422b-91ae-364da2661108

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-cms1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.