Unauthorized Access in Cisco TelePresence Video Communication Server
CVE-2015-6413

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Video Communication Server Software
Vendor: CVE Published:; 13 December 2015

Summary

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 is susceptible to unauthorized access, enabling remote authenticated users to circumvent intended read-only restrictions. This security flaw allows these users to upload Tandberg Linux Package (TLP) files through the administrative interface, posing significant risks to the integrity and security of the affected system. For more details, refer to the vendor advisory and pertinent security references.

References

http://www.securityfocus.com/bid/79088

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1034378

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 13, 2015
Vulnerability Reserved
Aug 17, 2015