Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Meeting Management Client-Server Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
不充分特权处理不恰当
Vulnerability Title
Cisco Meeting Management 安全漏洞
Vulnerability Description
Cisco Meeting Management(CMM)是美国思科(Cisco)公司的一个 Cisco 本地视频会议平台 Cisco Meeting Server 的管理工具。 Cisco Meeting Management存在安全漏洞,该漏洞源于REST API用户授权不足,导致低权限认证远程攻击者可通过发送API请求到特定端点提升至管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A