Cisco Meeting Management
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cisco Meeting Management.
Recent Cisco Meeting Management Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2026-02-04 | Cisco Meeting Management Arbitrary File Upload Vulnerability | February 4, 2026 |
| 2025-01-23 | Cisco Meeting Management REST API Privilege Escalation Vulnerability | January 23, 2025 |
| 2024-11-07 | Cisco Meeting Management Information Disclosure Vulnerability | November 7, 2024 |
By the Year
In 2026 there have been 1 vulnerability in Cisco Meeting Management with an average score of 8.8 out of ten. Last year, in 2025 Meeting Management had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Meeting Management in 2026 could surpass last years number. Last year, the average CVE base score was greater by 1.10
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 8.80 |
| 2025 | 1 | 9.90 |
| 2024 | 1 | 6.50 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 7.50 |
It may take a day or so for new Meeting Management vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Meeting Management Security Vulnerabilities
Cisco Meeting Mgt RCE via Arbitrary File Upload
CVE-2026-20098
8.8 - High
- February 04, 2026
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the root system account and allow arbitrary command execution with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator.
Unrestricted File Upload
Cisco Meeting Mgmt REST API Priv Esc (Auth Bypass)
CVE-2025-20156
9.9 - Critical
- January 22, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.
Improper Handling of Insufficient Privileges
Cisco Meeting Management Logging Subsystem Info Leak
CVE-2024-20507
6.5 - Medium
- November 06, 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of an affected device. An attacker could exploit this vulnerability by logging in to the web-based management interface. A successful exploit could allow the attacker to view sensitive data that is stored on the affected device.
Information Disclosure
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet
CVE-2018-5390
7.5 - High
- August 06, 2018
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Resource Exhaustion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Meeting Management or by Cisco? Click the Watch button to subscribe.
