HomePentest-Tools.com Logo

Cisco TelePresence Integrator C Series Authentication Bypass Vulnerability CVE-2015-4271

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Cisco TelePresence Integrator C Series devices running TC Software are prone to an authentication-bypass vulnerability because it fails to sufficiently sanitize the user-supplied input.

Risk description

A vulnerability in Cisco TelePresence Integrator C Series could allow an unauthenticated, remote attacker to bypass authentication. The vulnerability is due to insufficient validation of user-supplied values. An attacker could exploit this vulnerability by sending multiple request parameters to an affected device. This issue is tracked by Cisco Bug ID CSCuv00604 An attacker can exploit this issue to bypass the authentication mechanism on an affected device. This may lead to further attacks.

Recommendation

Update to 7.3.4 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jul 15, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available