Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0620

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2015-0620
Last Modified 20 Feb 2015 10:02:22
Published 17 Feb 2015 09:59:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2015-0620

Summary

The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494.

Vulnerable Systems

Application

  • Cisco Telepresence Management Suite 14.3

  • Cisco Telepresence Management Suite 14.3%28.1%29

  • Cisco Telepresence Management Suite 14.3%28.2%29


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=37491

CISCO - 20150216 Cisco TelePresence Management Suite XML Vulnerability

XF - cisco-telepresence-cve20150620-dos(100924)

SECTRACK - 1031753


Last Updated: 27 May 2016 11:07:52