Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Meetings App Missing TURN Server Credentials Expiration Vulnerability
Vulnerability Description
A vulnerability in the API subsystem of Cisco Meetings App could allow an unauthenticated, remote attacker to retain and reuse the Traversal Using Relay NAT (TURN) server credentials that are configured in an affected system. The vulnerability is due to insufficient protection mechanisms for the TURN server credentials. An attacker could exploit this vulnerability by intercepting the legitimate traffic that is generated by an affected system. An exploit could allow the attacker to obtain the TURN server credentials, which the attacker could use to place audio/video calls and forward packets through the configured TURN server. The attacker would not be able to take control of the TURN server unless the same credentials were used in multiple systems.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Cisco Meetings App 授权问题漏洞
Vulnerability Description
Cisco Meetings App是美国思科(Cisco)公司的一款视频会议应用程序。 Cisco Meetings App中的API subsystem存在授权问题漏洞,该漏洞源于TURN服务器凭据的保护机制存在缺陷。远程攻击者可通过拦截合法流量利用该漏洞获取并重新使用Traversal Using Relay NAT (TURN)服务器凭证。
CVSS Information
N/A
Vulnerability Type
N/A