Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability
Información sobre el sistema

Software afectado	Cisco
Descripción
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-injection-X475EbTQ?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Expressway%20Series%20and%20Cisco%20TelePresence%20Video%20Communication%20Server%20Command%20Injection%20Vulnerability&vs_k=1
Identificadores estándar
Propiedad	Valor
CVE	CVE-2023-20209.

TRABAJAMOS PARA FORTALECER LA CIBERSEGURIDAD DE ESPAÑA

Ayudamos a mejorar las capacidades de prevención, detección y respuesta a ciberamenazas de la Administración Pública. Impulsamos la creación de un ciberescudo único para nuestro país.