CVE-2018-0280 - OpenCVE

A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Meeting Server

Configuration 1 [-]

OR	cpe:2.3:a:cisco:meeting_server:2.0:::::::*
	cpe:2.3:a:cisco:meeting_server:2.1:::::::*
	cpe:2.3:a:cisco:meeting_server:2.2:::::::*
	cpe:2.3:a:cisco:meeting_server:2.2.5:::::::*
	cpe:2.3:a:cisco:meeting_server:2.2.8:::::::*
	cpe:2.3:a:cisco:meeting_server:2.3:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/104209	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040923	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-msms	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2018-05-17T03:00:00

Updated: 2018-05-19T09:57:01

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0280

JSON object: View

NVD Information

Status : Modified

Published: 2018-05-17T03:29:00.527

Modified: 2019-10-09T23:31:37.880

Link: CVE-2018-0280

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "Cisco Meeting Server Media Services", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Meeting Server Media Services"}]}], "datePublic": "2018-05-16T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-05-19T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "104209", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104209"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-msms"}, {"name": "1040923", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040923"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0280", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Meeting Server Media Services", "version": {"version_data": [{"version_value": "Cisco Meeting Server Media Services"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "104209", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104209"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-msms", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-msms"}, {"name": "1040923", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040923"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0280", "datePublished": "2018-05-17T03:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2018-05-19T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:meeting_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB0F4CF7-87D8-43D2-9C66-717A2939C374", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "08EB74B6-570C-49D9-8C53-8944618E99C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D54E7F1E-A9DB-4192-AC10-B778D2A5D079", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "6778DD12-81FF-4D24-8355-E2BF9085CDA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "6DB2EA17-1A3C-4588-92A0-738C4527FE27", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_server:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "4A51C118-1785-4E1D-B4C5-F3DEA92AE952", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363."}, {"lang": "es", "value": "Una vulnerabilidad en el el procesamiento bitstream Real-Time Transport Protocol (RTP) de Cisco Meeting Server podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de los bitstreams RTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un bitstream RTP manipulado a un Cisco Meeting Server afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante deniegue los servicios de audio y v\u00eddeo provocando cierres inesperados del proceso media, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el producto afectado. Esta vulnerabilidad afecta a los despliegues de Cisco Meeting Server que ejecutan Cisco Meeting Server Software en sus versiones 2.0, 2.1, 2.2 y 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363."}], "id": "CVE-2018-0280", "lastModified": "2019-10-09T23:31:37.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-17T03:29:00.527", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104209"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040923"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-msms"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}