 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.105335 |
| Category: | CISCO |
| Title: | Cisco TelePresence Video Communication Server (VCS) Multiple Vulnerabilities (Oct 2015) |
| Summary: | Cisco TelePresence Video Communication Server Expressway is; prone to multiple vulnerabilities. |
| Description: | Summary: Cisco TelePresence Video Communication Server Expressway is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2015-4303: Command injection (Cisco-SA-20150812-CVE-2015-4303) - CVE-2015-4316: Insufficient validation of the registering phone line (Cisco-SA-20150813-CVE-2015-4316) - CVE-2015-4317: Denial of Service (DoS) (Cisco-SA-20150813-CVE-2015-4317) - CVE-2015-4318: Denial of Service (DoS) (Cisco-SA-20150813-CVE-2015-4318) - CVE-2015-4319: Insufficient enforcement in the authorization process (Cisco-SA-20150814-CVE-2015-4319) - CVE-2015-4320: Information disclosure (Cisco-SA-20150813-CVE-2015-4320) Affected Software/OS: Cisco TelePresence Video Communication Server Expressway version X8.5.2. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-4303 BugTraq ID: 76322 http://www.securityfocus.com/bid/76322 Cisco Security Advisory: 20150812 Cisco TelePresence Video Communication Server Command Injection Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40433 http://www.securitytracker.com/id/1033268 Common Vulnerability Exposure (CVE) ID: CVE-2015-4316 BugTraq ID: 76353 http://www.securityfocus.com/bid/76353 Cisco Security Advisory: 20150813 Cisco TelePresence Video Communication Server Expressway Access Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40445 http://www.securitytracker.com/id/1033282 Common Vulnerability Exposure (CVE) ID: CVE-2015-4317 BugTraq ID: 76351 http://www.securityfocus.com/bid/76351 Cisco Security Advisory: 20150813 Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40444 http://www.securitytracker.com/id/1033281 Common Vulnerability Exposure (CVE) ID: CVE-2015-4318 BugTraq ID: 76347 http://www.securityfocus.com/bid/76347 http://tools.cisco.com/security/center/viewAlert.x?alertId=40443 Common Vulnerability Exposure (CVE) ID: CVE-2015-4319 BugTraq ID: 76366 http://www.securityfocus.com/bid/76366 Cisco Security Advisory: 20150814 Cisco TelePresence Video Communication Server Expressway Access Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40442 http://www.securitytracker.com/id/1033323 Common Vulnerability Exposure (CVE) ID: CVE-2015-4320 BugTraq ID: 76350 http://www.securityfocus.com/bid/76350 Cisco Security Advisory: 20150813 Cisco TelePresence Video Communication Server Expressway Information Disclosure Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=40441 http://www.securitytracker.com/id/1033284 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |