VDB
CVE-2019-1678
CVE-2019-1678
PUBLISHED
CVSS 4.300000190734863 MEDIUM
A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation of coSpaces configuration parameters. An attacker could exploit this vulnerability by inserting crafted strings in specific coSpace parameters. An exploit could allow the attacker to prevent clients from joining a conference call in the affected coSpace. Versions prior to 2.4.3 are affected.
EPSS 0.38% · 59.7th percentile
Risk Scores
CVSS 3.0
4.300000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.38%
59.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Meeting Server | unspecified |
| cisco | meeting_server | 2.3.6 |
Exploit Intelligence
Timeline
- Feb 7, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2019-1678 advisory
- 106943 vdb
- 20190206 Cisco Meeting Server Denial of Service Vulnerability vendor-advisory