ID de Prueba:	1.3.6.1.4.1.25623.1.0.809771
Categoría:	CISCO
Título:	Cisco Video Communications Server Security Bypass Vulnerability (cisco-sa-20161207-expressway)
Resumen:	A vulnerability in the HTTP traffic server component of Cisco; Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to; arbitrary hosts. This does not allow for full traffic proxy through the Expressway.
Descripción:	Summary: A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. Vulnerability Insight: The vulnerability is due to insufficient access control for TCP traffic passed through the Cisco Expressway. An attacker could exploit this vulnerability by sending a crafted URL through the Cisco Expressway. Vulnerability Impact: An exploit could allow the attacker to enumerate hosts and services of arbitrary hosts, as well as degrade performance through the Cisco Expressway. Affected Software/OS: Cisco TelePresence Video Communication Server (VCS) version X8.7.2 and X8.8.3. Solution: Upgrade to version X8.9 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9207 BugTraq ID: 94797 http://www.securityfocus.com/bid/94797 http://www.securitytracker.com/id/1037422
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.