Cisco TelePresence Video Communication Server (VCS) Expressway TFTP Authentication Flaw Lets Remote Authenticated Users Access a Configuration File on the Target System : 8/26/2015 7:17:58 AM
Create a free account with New Relic and get this swanky shirt for FREE! From our sponsors |
| Vulnerability Databse |
| This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
Cisco TelePresence Video Communication Server (VCS) Expressway TFTP Authentication Flaw Lets Remote Authenticated Users Access a Configuration File on the Target System
8/26/2015 12:00:00 AM
| Cisco TelePresence Video Communication Server (VCS) Expressway TFTP Authentication Flaw Lets Remote Authenticated Users Access a Configuration File on the Target System |
| SecurityTracker Alert ID: 1033379 |
| SecurityTracker URL: http://securitytracker.com/id/1033379 |
| CVE Reference: CVE-2015-6261 (Links to External Site) |
| Date: Aug 26 2015 |
| Impact: Disclosure of system information |
| Vendor Confirmed: Yes |
| Version(s): VCS Expressway X8.5.2 |
| Description: A vulnerability was reported in Cisco TelePresence VCS Expressway. A remote authenticated user can access data on the target system. A remote authenticated user with the Mobile and Remote Access (MRA) role can exploit an authentication flaw in the TFTP server to obtain a configuration file from the target device. The vendor has assigned bug ID CSCuv78531 to this vulnerability. |
| Impact: A remote authenticated user can obtain a configuration file on the target system. |
| Solution: No solution was available at the time of this entry. The Cisco advisory is available at: http://tools.cisco.com/security/center/viewAlert.x?alertId=40620 |
| Vendor URL: tools.cisco.com/security/center/viewAlert.x?alertId=40620 (Links to External Site) |
| Cause: Authentication error |
| Underlying OS: |
| |
| Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
Diberdayakan oleh Blogger.