A security vulnerability in Cisco Meeting Server, tracked as CVE-2016-6445, could be exploited by attackers to impersonate legitimate users. The hole resides in the Extensible Messaging and Presence Protocol (XMPP) service. The XMPP service incorrectly processes a deprecated authentication scheme allowing an unauthenticated attacker to access the system impersonating another user. There is no evidence that the vulnerability has been exploited in the wild. The flaw affects the following versions of the Cisco Meeting server.”]
Source: http://securityaffairs.co/wordpress/52241/hacking/cve-2016-6445-cisco.html