{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T06:07:48.435","vulnerabilities":[{"cve":{"id":"CVE-2017-12224","sourceIdentifier":"psirt@cisco.com","published":"2017-09-07T21:29:00.567","lastModified":"2026-06-17T01:02:54.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even though access should be denied. The vulnerability is due to the incorrect implementation of the configuration setting Guest access via hyperlinks, which should allow the administrative user to prevent guest users from using hyperlinks to connect to meetings. An attacker could exploit this vulnerability by using a crafted hyperlink to connect to a meeting. An exploit could allow the attacker to connect directly to the meeting with a hyperlink, even though access should be denied. The attacker would still require a valid hyperlink and encoded secret identifier to be connected. Cisco Bug IDs: CSCve20873."},{"lang":"es","value":"Una vulnerabilidad en la capacidad de los usuarios invitados de unirse a reuniones mediante un hipervínculo con Cisco Meeting Server podría permitir que un atacante remoto autenticado acceda a una reunión con una URL de hipervínculo, a pesar de que se le debería negar el acceso. Esta vulnerabilidad se debe a la incorrecta implementación de la opción de configuración de acceso de invitados mediante hipervínculos, lo que debería permitir que el usuario administrador evite que los usuarios invitados empleen hipervínculos para conectarse a las reuniones. Un atacante podría aprovechar esta vulnerabilidad empleando un hipervínculo manipulado para conectarse a una reunión. Si se explota esta vulnerabilidad, el atacante podría conectarse directamente a la reunión con un hipervínculo, aunque el acceso se le debería negar. Aun así, el atacante seguiría necesitando un hipervínculo válido y un identificador secreto codificado para conectarse. Cisco Bug IDs: CSCve20873."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"n/a","product":"Cisco Meeting Server","versions":[{"version":"Cisco Meeting Server","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:meeting_server:-:*:*:*:*:*:*:*","matchCriteriaId":"AB6B8207-6AC8-4551-8C2E-66F81B4D419C"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/100657","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1039283","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-cms","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/100657","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1039283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-cms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}