Information Disclosure in Cisco TelePresence Video Communication Server
CVE-2015-4314

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Video Communication Server Software
Vendor: CVE Published:; 20 August 2015

Summary

The System Snapshot feature in Cisco TelePresence Video Communication Server Expressway X8.5.1 presents a significant risk where remote authenticated users can access sensitive password-hash information. This occurs through unauthorized access to the snapshot file, potentially exposing critical credentials. It is essential for IT teams to address this vulnerability to safeguard sensitive data and ensure the integrity of their communication systems.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033266

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 20, 2015
Vulnerability Reserved
Jun 4, 2015