Symlink Attack Vulnerability in Cisco TelePresence Video Communication Server
CVE-2015-6318

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Video Communication Server Software
Vendor: CVE Published:; 12 October 2015

Summary

Cisco TelePresence Video Communication Server (VCS) Expressway versions X8.5.1 and X8.5.2 are susceptible to a file modification vulnerability. Local users can exploit this weakness using an unspecified symlink attack to write to arbitrary files, potentially compromising system integrity. Mitigation measures should be implemented following Cisco's security advisory.

References

http://www.securitytracker.com/id/1033781

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 12, 2015
Vulnerability Reserved
Aug 17, 2015