ID de Prueba:	1.3.6.1.4.1.25623.1.0.140044
Categoría:	CISCO
Título:	Cisco Meeting Server Client Authentication Bypass Vulnerability
Resumen:	A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco;Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate;user. This vulnerability is due to the XMPP service incorrectly processing a deprecated;authentication scheme. A successful exploit could allow an attacker to access the system as;another user.;;Cisco has released software updates that address this vulnerability. Workarounds that address this;vulnerability in some environments are available. This advisory is available at the referenced link.
Descripción:	Summary: A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability in some environments are available. This advisory is available at the referenced link. Solution: Update to 2.0.6 or newer. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6445 BugTraq ID: 93517 http://www.securityfocus.com/bid/93517 http://www.securitytracker.com/id/1037000
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.