Guest

Preview Tool

Cisco Bug: CSCvj04869 - Cisco Meeting Server TURN Server Evaluation

Last Modified

Sep 24, 2018

Products (1)

  • Cisco Meeting Server

Known Affected Releases

unspecified

Description (partial)

CISCO HIGHLY CONFIDENTIAL - CONTROLLED ACCESS

This issue is under review by the Cisco Product Security Incident Response
team (PSIRT).

The defect describes a product security vulnerability.  Its contents must
be protected from unauthorized disclosure, both internal and external to
Cisco.  Do not forward this information to mailing lists or newsgroups.

Documentation writers: it is prohibited to publish this Release-note 
Enclosure (RNE) until the content has been approved by PSIRT.  PSIRT may 
publish a Security Advisory regarding this defect, and the current text of 
this RNE will be replaced with appropriate information.  In the event that 
a Security Advisory is not published, PSIRT will replace this text with an 
appropriate explanation.

More information on PSIRT is available at <http//psirt.cisco.com/>.  
Cisco's public policy on security vulnerability handling can be reviewed at 
<http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html>.
For further information, send a message to psirt@cisco.com.

(briandd-04/18/18)

Symptom:
Cisco Meeting Server integrates a TURN server, which provides firewall traversal technology. When enabled, its core functionality is to relay media packets between participants which may be on different networks, behind firewalls or NAT devices, etc

The TURN server usage is protected by a password so only legitimate users can access this service.

Conditions:
A device utilizing TURN server technology alongside the Cisco Meeting Server deployment.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.