Command Injection Vulnerability in Cisco TelePresence Video Communication Server
CVE-2015-4303

Currently unrated

Key Information:

Vendor

Cisco
Status
Telepresence Video Communication Server Software
Vendor
CVE Published:
20 August 2015

What is CVE-2015-4303?

A command injection vulnerability exists in Cisco TelePresence Video Communication Server (VCS) version X8.5.2, which allows remote authenticated users to execute arbitrary commands as the 'nobody' user. This issue arises from an exploit in an unspecified web-page parameter. Successful exploitation could lead to unauthorized access and potential compromise of system integrity, making it critical for users to apply necessary security updates and follow vendor guidance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/76322
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1033268
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.