Command Injection Vulnerability in Cisco TelePresence Software
CVE-2015-0713

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Advanced Media Gateway; Telepresence Mcu Software; Telepresence Server Software; Telepresence Ip Gateway
Vendor: CVE Published:; 25 May 2015

Summary

Several Cisco TelePresence products are impacted by a vulnerability that allows remote authenticated users to run arbitrary commands with elevated privileges. This flaw affects specific versions of Cisco TelePresence software, permitting attackers to exploit unsecured vectors, potentially compromising system integrity and confidentiality. It is essential for users and administrators to ensure they are using the latest patches and updates to mitigate the risks associated with this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 25, 2015
Vulnerability Reserved
Jan 7, 2015