====================================================================

                              CERT-Renater

                 Note d'Information No. 2017/VULN254
_____________________________________________________________________

DATE                : 14/09/2017

HARDWARE PLATFORM(S):  /

OPERATING SYSTEM(S): Systems running Cisco Meeting Server TURN Server.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170913-cmsturn
____________________________________________________________________

Cisco Security Advisory: Cisco Meeting Server TURN Server Unauthorized
Access and Information Disclosure Vulnerability

Advisory ID: cisco-sa-20170913-cmsturn

Revision: 1.0

For Public Release: 2017 September 13 16:00 GMT

Last Updated: 2017 September 13 16:00 GMT

CVE ID(s): CVE-2017-12249

CVSS Score v(3): 9.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the Traversal Using Relay NAT (TURN) server included
with Cisco Meeting Server (CMS) could allow an authenticated, remote
attacker to gain unauthenticated or unauthorized access to components
of or sensitive information in an affected system.

The vulnerability is due to an incorrect default configuration of the
TURN server, which could expose internal interfaces and ports on the
external interface of an affected system. An attacker could exploit
this vulnerability by using a TURN server to perform an unauthorized
connection to a Call Bridge, a Web Bridge, or a database cluster in an
affected system, depending on the deployment model and CMS services in
use. A successful exploit could allow the attacker to gain
unauthenticated access to a Call Bridge or database cluster in an
affected system or gain unauthorized access to sensitive meeting
information in an affected system. To exploit this vulnerability, the
attacker must have valid credentials for the TURN server of the
affected system.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170913-cmsturn
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170913-cmsturn"]



==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================