Information Disclosure Vulnerability in Cisco TelePresence Video Communication Server
CVE-2015-4320

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Video Communication Server Software
Vendor: CVE Published:; 20 August 2015

What is CVE-2015-4320?

The Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 has a configuration log file component that allows remote authenticated users access to sensitive information. This vulnerability exposes private data through improper management of log files, potentially leading to unauthorized disclosure of critical system details. Organizations utilizing this version of the VCS should be aware of the risks involved and consider applying recommended security measures.

References

http://www.securityfocus.com/bid/76350

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1033284

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2015
Vulnerability Reserved
Jun 4, 2015