ID de Prueba:	1.3.6.1.4.1.25623.1.0.105403
Categoría:	CISCO
Título:	Cisco TelePresence Video Communication Server Expressway File Modification Vulnerability (cisco-sa-20151007-vcs)
Resumen:	A vulnerability in the symbolic link operation of the Cisco; TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local; attacker to perform a symbolic link attack on the affected system.
Descripción:	Summary: A vulnerability in the symbolic link operation of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to perform a symbolic link attack on the affected system. Vulnerability Insight: The vulnerability is due to insufficient protection of files. An attacker could exploit this vulnerability by creating a malicious symbolic link to a location not otherwise accessible to the attacker. Vulnerability Impact: An exploit could allow the attacker to insert unauthorized content in the linked-to file. Affected Software/OS: Cisco TelePresence Video Communication Server version X8.5.2. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6318 Cisco Security Advisory: 20151007 Cisco TelePresence Video Communication Server Expressway File Modification Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151007-vcs http://www.securitytracker.com/id/1033781
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.