Cisco Meeting Server Client Authentication Bypass Vulnerability

Advisory ID: cisco-sa-20161012-msc · Severity: Critical

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability in some environments are available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc

Workarounds

Administrators are advised to apply appropriate updates. However, if the XMPP protocol is not needed, it can be disabled by an administrator with the xmpp disable command. In this case, the system will continue to support other protocols. The following example shows how to disable the XMPP protocol and verify that it is disabled.

system> xmpp disable

system> xmpp status
Enabled                 : false
Clustered               : true
Domain                  : cisco.com
Listening interfaces    : a
Key file                : acano.key
Certificate file        : acano.crt
CA Bundle file          : ca-bundle.crt
Max sessions per user   : unlimited
STATUS                  : XMPP server not enabled
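
As an added example (not from the Cisco advisory or this listing), the following Python check parses the `xmpp status` output shown above and confirms that the workaround is actually in effect, so the result can be fed into a compliance or change-verification job. The sample output is constructed from the advisory's excerpt; the "still enabled" counter-example values are hypothetical.

```python
import re

# Constructed sample: the `xmpp status` output quoted in the advisory's
# workaround section after `xmpp disable` (not live device output).
SAMPLE_DISABLED = """\
Enabled                 : false
Clustered               : true
Domain                  : cisco.com
Listening interfaces    : a
Key file                : acano.key
Certificate file        : acano.crt
CA Bundle file          : ca-bundle.crt
Max sessions per user   : unlimited
STATUS                  : XMPP server not enabled
"""

# Constructed counter-example with hypothetical values for a server where the
# workaround was not applied (only the two decisive fields differ).
SAMPLE_ENABLED = "\n".join(
    "Enabled                 : true" if line.startswith("Enabled") else
    "STATUS                  : XMPP server running" if line.startswith("STATUS") else
    line
    for line in SAMPLE_DISABLED.splitlines())


def parse_xmpp_status(text):
    """Parse the 'Key : value' lines of `xmpp status` into a dict."""
    fields = {}
    for line in text.splitlines():
        # Non-greedy key so the first colon splits key from value.
        m = re.match(r"^\s*(.+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields


def xmpp_workaround_applied(text):
    """Return (applied, reasons); applied is True only when every check passes."""
    fields = parse_xmpp_status(text)
    reasons = []
    if "Enabled" not in fields or "STATUS" not in fields:
        return False, ["unexpected output: missing Enabled or STATUS field"]
    if fields["Enabled"].lower() != "false":
        reasons.append("Enabled is %r, expected 'false'" % fields["Enabled"])
    # Require the explicit server-state line, not just the Enabled flag.
    if fields["STATUS"] != "XMPP server not enabled":
        reasons.append("STATUS is %r" % fields["STATUS"])
    return not reasons, reasons
```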

CVEs: CVE-2016-6445
Cisco Bug IDs: CSCvb62741
CVSS Score: Base 6.4 (vector AV:N/AC:L/Au:N/C:P/I:P/A:N/E:F/RL:OF/RC:C)
Product names from source: Cisco Meeting Server

Related Products

Product                 CVE             Evidence
Cisco Meeting Server    CVE-2016-6445   Cisco OpenVuln