Authorization Bypass in Cisco MediaSense Affects Recordings Access
CVE-2014-0672

Currently unrated

Key Information:

Vendor: Cisco
Status: Mediasense
Vendor: CVE Published:; 22 January 2014

Summary

The Search and Play interface of Cisco MediaSense has a security flaw that fails to enforce proper authorization checks. This vulnerability enables remote authenticated users to exploit the interface to download recordings they should not have access to, thereby compromising the security of sensitive audio and video data stored within the system.

References

http://www.securitytracker.com/id/1029668

vdb-entryx_refsource_SECTRACK

http://osvdb.org/102342

vdb-entryx_refsource_OSVDB

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 22, 2014
Vulnerability Reserved
Jan 2, 2014