Authentication Bypass Vulnerability in Cisco TelePresence Products
CVE-2015-0653

Currently unrated

Key Information:

Vendor: Cisco
Status: Expressway Software; Telepresence Conductor; Telepresence Video Communication Server Software
Vendor: CVE Published:; 13 March 2015

Summary

The management interface of Cisco TelePresence Video Communication Server and Cisco Expressway allows remote attackers to bypass authentication through the use of specially crafted login parameters. This vulnerability affects multiple versions of the products, enabling unauthorized access to sensitive functionalities and potentially compromising the integrity and confidentiality of the communications facilitated by these systems. It is crucial for organizations using these technologies to apply the necessary updates to safeguard against potential exploits.

References

http://www.securitytracker.com/id/1031910

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 13, 2015
Vulnerability Reserved
Jan 7, 2015