Open Redirect Vulnerability in Cisco TelePresence Devices
CVE-2015-0697

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Tc Software
Vendor: CVE Published:; 15 April 2015

What is CVE-2015-0697?

An open redirect vulnerability exists in the login page of Cisco's TelePresence Collaboration Desk and Room Endpoints devices. This flaw allows remote attackers to redirect users to malicious web pages, which can lead to phishing attacks. The issue impacts Cisco TC Software prior to version 6.3-26 and all 7.x versions before 7.3.0, posing significant security risks through undefined vectors, thereby increasing the chance of exploit.

References

http://www.securitytracker.com/id/1032136

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2015
Vulnerability Reserved
Jan 7, 2015