Vulnerability in Cisco Telepresence_video_communication_server_software

CVE-2015-6413

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CS…

EPSS: 0.002 (38.1th percentile) — read the EPSS interpretation.

Affected products

Cisco Telepresence_video_communication_server_software — versions x8.6
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

79088 (vdb-entry, x_refsource_BID)
20151209 Cisco TelePresence Video Communication Server Expressway Web Framework Code Unauthorized Access Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1034378 (vdb-entry, x_refsource_SECTRACK)