Cross-Site Request Forgery Vulnerability in Cisco TelePresence Video Communication Server
CVE-2015-6376

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Video Communication Server Software
Vendor: CVE Published:; 21 November 2015

What is CVE-2015-6376?

A cross-site request forgery (CSRF) vulnerability exists in Cisco TelePresence Video Communication Server (VCS) X8.5.1, allowing remote attackers to perform unauthorized actions on behalf of authenticated users. By exploiting this vulnerability, attackers can hijack user sessions, leading to the potential exposure of sensitive information and unauthorized control over user accounts. Proper remediation steps should be implemented to mitigate this security risk.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2015
Vulnerability Reserved
Aug 17, 2015