Cisco Video Communications Server HTTP Traffic Server Security Bypass Vulnerability CVE-2016-9207
- CVSSv3 Score
- Vulnerability description
Cisco TelePresence Video Communication Server is prone to a security bypass vulnerability.
- Risk description
The flaw exists due to insufficient access control for TCP traffic passed through the Cisco Expressway. Successful exploitation will allow remote attacker to initiate TCP connections to arbitrary hosts, and enumerate hosts and services of arbitrary hosts, as well as degrade performance through the Cisco Expressway.
Upgrade to Cisco TelePresence Video Communication Server (VCS) X8.9 or later.
- Not available