Miembros de
Boletines de Vulnerabilidades |
Cisco TelePresence Video Communication Server Cross-Site Request Forgery Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to execute unwanted actions.The vulnerability is due to a lack of cross-site request forgery (CSRF) protections. An attacker could exploit this vulnerability by persuading a user of the web application to execute an adverse action.Cisco has not released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.This advisory is More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-tvcs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Video%20Communication%20Server%20Cross-Site%20Request% |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-6376. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-11-21 |