Test ID:	1.3.6.1.4.1.25623.1.0.806650
Category:	CISCO
Title:	Cisco TelePresence VCS and VCS Expressway Multiple Vulnerabilities (Dec 2015)
Summary:	Cisco TelePresence Video Communication Server is prone to; multiple vulnerabilities.
Description:	Summary: Cisco TelePresence Video Communication Server is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2015-6413: Unauthorized access in the web framework code - CVE-2015-6414: Information disclosure in the key management Vulnerability Impact: Successful exploitation will allow attacker to read and disclose certain sensitive data, and upload TLP files changing contents of VCS. Affected Software/OS: Cisco TelePresence Video Communication Server (VCS) version X8.6. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6414 BugTraq ID: 79065 http://www.securityfocus.com/bid/79065 Cisco Security Advisory: 20151210 Cisco TelePresence Video Communication Server Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-tvcs http://www.securitytracker.com/id/1034429 Common Vulnerability Exposure (CVE) ID: CVE-2015-6413 BugTraq ID: 79088 http://www.securityfocus.com/bid/79088 Cisco Security Advisory: 20151209 Cisco TelePresence Video Communication Server Expressway Web Framework Code Unauthorized Access Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-tvc http://www.securitytracker.com/id/1034378
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.