Improper Authentication in Cisco TelePresence Endpoints
CVE-2013-3405

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Tc Software
Vendor: CVE Published:; 10 July 2013

Summary

The TC software on Cisco TelePresence endpoints features a vulnerability that permits remote attackers to bypass the authentication mechanism if a user has not configured a password. This flaw arises from the web portal's failure to enforce an exact password match during login attempts. Consequently, an attacker can exploit this vulnerability by sending any arbitrary password, gaining unauthorized access to the system.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 10, 2013