Cisco Meeting Management Arbitrary File Upload Vulnerability Allowing Root Privilege Escalation

Vulnerability

A vulnerability exists in the Certificate Management feature of Cisco Meeting Management, allowing authenticated, remote attackers to upload arbitrary files, execute commands, and gain root privileges on affected systems. This issue stems from inadequate input validation in certain areas of the web-based management interface. Exploitation involves sending a crafted HTTP request to the system. Successfully uploaded malicious files could overwrite system files handled by the root account, enabling command execution with root rights. This vulnerability affects Cisco Meeting Management releases through 3.12 and requires valid credentials for a user account with at least the video operator role.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, arbitrary command execution, and privilege escalation to root on the affected system.

Remediation

Users are advised to upgrade to Cisco Meeting Management version 3.12.1 MR. For guidance on obtaining the update, refer to the Cisco Support and Downloads page or contact the Cisco Technical Assistance Center (TAC).

Added: Feb 4, 2026, 6:36 PM
Updated: Feb 4, 2026, 6:36 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 5.0
exploitability: 4.9
remediation: 7.7
relevance: 2.7
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.