Rewterz

REWTERZ THREAT ALERT – New SpeakUp Backdoor Infects Linux and macOS with Miners in East Asia

February 7, 2019
Rewterz

Rewterz Threat Advisory -CVE-2018-11803 – Apache Subversion Denial of Service Vulnerability

February 8, 2019

Rewterz Threat Advisory – CVE-2019-1678 – Cisco Meeting Server Denial of Service Vulnerability

Severity

Medium

Category

Vulnerability

Analysis Summary

Marked as a failure to handle exceptional conditions, a vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation of coSpaces configuration parameters. An attacker could exploit this vulnerability by inserting crafted strings in specific coSpace parameters. An exploit could allow the attacker to prevent clients from joining a conference call in the affected coSpace.

Impact


Denial of Service

Affected Products

Cisco Meeting Server 2.3.7

Cisco Meeting Server 2.3.6

Cisco Meeting Server 2.4

Remediation

Updates are available. The following two versions are also not vulnerable to this flaw.

Cisco Meeting Server 2.4.3

Cisco Meeting Server 2.3.9

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.