Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0653

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2015-0653
Last Modified 11 Sep 2015 11:48:29
Published 12 Mar 2015 09:59:32
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0653

Summary

The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to bypass authentication via crafted login parameters, aka Bug IDs CSCur02680 and CSCur05556.

Vulnerable Systems

Application

  • Cisco Expressway Software X7.2.3

  • Cisco Expressway Software X8.1.1

  • Cisco Expressway Software X8.2.1

  • Cisco Telepresence Conductor Xc3

  • Cisco Telepresence Video Communication Server Software X7.2.3

  • Cisco Telepresence Video Communication Server Software X8.1.1

  • Cisco Telepresence Video Communication Server Software X8.2.1


References

CISCO - 20150311 Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway, and Cisco TelePresence Conductor

SECTRACK - 1031910


Last Updated: 27 May 2016 11:08:05