CVE-2015-4314

CWE-200 ā€” Information Exposure4 documents4 sources
Severity
4.0MEDIUM
EPSS
0.2%
top 60.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server Software
Timeline
PublishedAug 20
Latest updateMay 17

Description

The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

šŸ”“Vulnerability Details

2
GHSA
GHSA-8p99-9wv6-j35h: The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8ā†—2022-05-17
ā–¶
CVEList
CVE-2015-4314: The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8ā†—2015-08-20
ā–¶

šŸ“‹Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server Expressway Information Disclosure Vulnerabilityā†—2015-08-12
ā–¶
CVE-2015-4314 (MEDIUM CVSS 4) | The System Snapshot feature in Cisc | cvebase.io