CVE-2017-12249
 
Descriptions
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerability is due to an incorrect default configuration of the TURN server, which could expose internal interfaces and ports on the external interface of an affected system. An attacker could exploit this vulnerability by using a TURN server to perform an unauthorized connection to a Call Bridge, a Web Bridge, or a database cluster in an affected system, depending on the deployment model and CMS services in use. A successful exploit could allow the attacker to gain unauthenticated access to a Call Bridge or database cluster in an affected system or gain unauthorized access to sensitive meeting information in an affected system. To exploit this vulnerability, the attacker must have valid credentials for the TURN server of the affected system. This vulnerability affects Cisco Meeting Server (CMS) deployments that are running a CMS Software release prior to Release 2.0.16, 2.1.11, or 2.2.6. Cisco Bug IDs: CSCvf51127.
Timeline
- 2017-08-03 CVE Reserved
- 2017-09-13 CVE Published
- 2023-11-09 EPSS Updated
- 2024-08-05 CVE Updated
CWE
- CWE-16: Configuration
- CWE-668: Exposure of Resource to Wrong Sphere
References (3)
URL | Tag |
---|---|
http://www.securityfocus.com/bid/100821 | Third Party Advisory |
http://www.securitytracker.com/id/1039357 | Third Party Advisory |

URL | Date |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170913-cmsturn | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Cisco | Meeting Server | <= 2.0.15 | - | Affected |
Cisco | Meeting Server | 2.1.0 | - | Affected |
Cisco | Meeting Server | 2.1.1 | - | Affected |
Cisco | Meeting Server | 2.1.2 | - | Affected |
Cisco | Meeting Server | 2.1.3 | - | Affected |
Cisco | Meeting Server | 2.1.4 | - | Affected |
Cisco | Meeting Server | 2.1.5 | - | Affected |
Cisco | Meeting Server | 2.1.6 | - | Affected |
Cisco | Meeting Server | 2.1.7 | - | Affected |
Cisco | Meeting Server | 2.1.8 | - | Affected |
Cisco | Meeting Server | 2.1.9 | - | Affected |
Cisco | Meeting Server | 2.1.10 | - | Affected |
Cisco | Meeting Server | 2.2.0 | - | Affected |
Cisco | Meeting Server | 2.2.1 | - | Affected |
Cisco | Meeting Server | 2.2.2 | - | Affected |
Cisco | Meeting Server | 2.2.3 | - | Affected |
Cisco | Meeting Server | 2.2.4 | - | Affected |
Cisco | Meeting Server | 2.2.5 | - | Affected |