Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in a local file script in Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with elevated privilege.The vulnerability is due to insufficient protection of a specific local file script. An attacker could exploit this vulnerability by providing invalid parameters to a local file. An exploit could allow the attacker to execute arbitrary code on the underlying
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150901-CVE-2015-4330?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Video%20Communication%20Server%20Expressway%2 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|