Vulnerability in Cisco Telepresence_video_communication_server

CVE-2012-5444

Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request, aka Bug ID CSCub67989.

EPSS: 0.002 (47.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Telepresence_video_communication_server
Cisco Telepresence_video_communication_servers_software — versions x7.0.3
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20130112 Cisco TelePresence Video Communication Server Vulnerability in Policy Services (x_refsource_CISCO, vendor-advisory, Vendor Advisory)