CVE-2016-1387 - CERT CVE

  1. CVE-2016-1387

ID CVE-2016-1387
Sažetak The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Reference
CVSS
Base: 9.0
Impact: 8.5
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL COMPLETE
CVSS vektor AV:N/AC:L/Au:N/C:P/I:P/A:C
Zadnje važnije ažuriranje 01-12-2016 - 03:05
Objavljeno 05-05-2016 - 21:59