Information disclosure in Cisco Telepresence_video_communication_server_software

CVE-2015-4320

The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to obtain sensitive information by reading a log file, aka Bug ID CSCuv12340.

Vulnerability class: Information Disclosure

EPSS: 0.002 (41.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Telepresence_video_communication_server_software — versions x8.5.2
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

76350 (vdb-entry, x_refsource_BID)
1033284 (vdb-entry, x_refsource_SECTRACK)
20150813 Cisco TelePresence Video Communication Server Expressway Information Disclosure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)