Refine your search
3 vulnerabilities found for Cisco Meeting Management by Cisco
CVE-2026-20098 (GCVE-0-2026-20098)
Vulnerability from cvelistv5
Published
2026-02-04 16:11
Modified
2026-02-26 15:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the root system account and allow arbitrary command execution with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meeting Management |
Version: CMM3.4.0 Version: CMM3.2.0 Version: CMM2.9.1 Version: CMM2.9.0 Version: CMM3.1.0 Version: CMM3.5.0 Version: CMM3.6.0 Version: CMM3.6.1 Version: CMM3.7.0 Version: CMM3.8.0 Version: CMM3.9.0 Version: CMM3.10.0 Version: CMM3.9.1 Version: CMM3.11.0 Version: CMM3.12.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T04:55:17.537048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:20.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Meeting Management",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "CMM3.4.0"
},
{
"status": "affected",
"version": "CMM3.2.0"
},
{
"status": "affected",
"version": "CMM2.9.1"
},
{
"status": "affected",
"version": "CMM2.9.0"
},
{
"status": "affected",
"version": "CMM3.1.0"
},
{
"status": "affected",
"version": "CMM3.5.0"
},
{
"status": "affected",
"version": "CMM3.6.0"
},
{
"status": "affected",
"version": "CMM3.6.1"
},
{
"status": "affected",
"version": "CMM3.7.0"
},
{
"status": "affected",
"version": "CMM3.8.0"
},
{
"status": "affected",
"version": "CMM3.9.0"
},
{
"status": "affected",
"version": "CMM3.10.0"
},
{
"status": "affected",
"version": "CMM3.9.1"
},
{
"status": "affected",
"version": "CMM3.11.0"
},
{
"status": "affected",
"version": "CMM3.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.\r\n\r\nThis vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability\u0026nbsp;by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the\u0026nbsp;root system account and allow arbitrary command execution with\u0026nbsp;root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:11:48.298Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cmm-file-up-kY47n8kK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-file-up-kY47n8kK"
}
],
"source": {
"advisory": "cisco-sa-cmm-file-up-kY47n8kK",
"defects": [
"CSCwr97339"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Meeting Management Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20098",
"datePublished": "2026-02-04T16:11:48.298Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-02-26T15:04:20.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20156 (GCVE-0-2025-20156)
Vulnerability from cvelistv5
Published
2025-01-22 16:21
Modified
2026-02-26 19:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Summary
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device.
This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meeting Management |
Version: CMM3.4.0 Version: CMM3.2.0 Version: CMM2.9.1 Version: CMM2.9.0 Version: CMM3.1.0 Version: CMM3.5.0 Version: CMM3.6.0 Version: CMM3.6.1 Version: CMM3.7.0 Version: CMM3.8.0 Version: CMM3.9.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T04:56:07.663388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:08:58.432Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Meeting Management",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "CMM3.4.0"
},
{
"status": "affected",
"version": "CMM3.2.0"
},
{
"status": "affected",
"version": "CMM2.9.1"
},
{
"status": "affected",
"version": "CMM2.9.0"
},
{
"status": "affected",
"version": "CMM3.1.0"
},
{
"status": "affected",
"version": "CMM3.5.0"
},
{
"status": "affected",
"version": "CMM3.6.0"
},
{
"status": "affected",
"version": "CMM3.6.1"
},
{
"status": "affected",
"version": "CMM3.7.0"
},
{
"status": "affected",
"version": "CMM3.8.0"
},
{
"status": "affected",
"version": "CMM3.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device.\r\n\r\nThis vulnerability exists because proper authorization is not enforced upon\u0026nbsp;REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T16:21:20.333Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cmm-privesc-uy2Vf8pc",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc"
},
{
"name": "ClamAV blog",
"url": "https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"
}
],
"source": {
"advisory": "cisco-sa-cmm-privesc-uy2Vf8pc",
"defects": [
"CSCwi88558"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Meeting Management Client-Server Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20156",
"datePublished": "2025-01-22T16:21:20.333Z",
"dateReserved": "2024-10-10T19:15:13.216Z",
"dateUpdated": "2026-02-26T19:08:58.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-20507 (GCVE-0-2024-20507)
Vulnerability from cvelistv5
Published
2024-11-06 16:29
Modified
2024-11-06 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.
This vulnerability is due to improper storage of sensitive information within the web-based management interface of an affected device. An attacker could exploit this vulnerability by logging in to the web-based management interface. A successful exploit could allow the attacker to view sensitive data that is stored on the affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meeting Management |
Version: CMM3.4.0 Version: CMM3.2.0 Version: CMM2.9.1 Version: CMM2.9.0 Version: CMM3.1.0 Version: CMM3.5.0 Version: CMM3.6.0 Version: CMM3.6.1 Version: CMM3.7.0 Version: CMM3.8.0 Version: CMM3.9.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:05:07.038322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:05:16.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Meeting Management",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "CMM3.4.0"
},
{
"status": "affected",
"version": "CMM3.2.0"
},
{
"status": "affected",
"version": "CMM2.9.1"
},
{
"status": "affected",
"version": "CMM2.9.0"
},
{
"status": "affected",
"version": "CMM3.1.0"
},
{
"status": "affected",
"version": "CMM3.5.0"
},
{
"status": "affected",
"version": "CMM3.6.0"
},
{
"status": "affected",
"version": "CMM3.6.1"
},
{
"status": "affected",
"version": "CMM3.7.0"
},
{
"status": "affected",
"version": "CMM3.8.0"
},
{
"status": "affected",
"version": "CMM3.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.\r\n\r\nThis vulnerability is due to improper storage of sensitive information within the web-based management interface of an affected device. An attacker could exploit this vulnerability by logging in to the web-based management interface. A successful exploit could allow the attacker to view sensitive data that is stored on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:29:46.350Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cmm-info-disc-9ZEMAhGA",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-info-disc-9ZEMAhGA"
}
],
"source": {
"advisory": "cisco-sa-cmm-info-disc-9ZEMAhGA",
"defects": [
"CSCwm05372"
],
"discovery": "INTERNAL"
},
"title": "Cisco Meeting Management Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20507",
"datePublished": "2024-11-06T16:29:46.350Z",
"dateReserved": "2023-11-08T15:08:07.688Z",
"dateUpdated": "2024-11-06T17:05:16.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}