CVE-2015-4325

CWE-2644 documents4 sources
Severity
6.9MEDIUM
EPSS
0.1%
top 73.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server Software
Timeline
PublishedOct 12
Latest updateMay 17

Description

The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by the root account, aka Bug ID CSCuv12272.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

đź”´Vulnerability Details

2
GHSA
GHSA-g737-hc9q-f5p5: The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8↗2022-05-17
â–¶
CVEList
CVE-2015-4325: The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8↗2015-10-12
â–¶

đź“‹Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server (VCS) Expressway Privilege Escalation Vulnerability↗2015-10-06
â–¶
CVE-2015-4325 (MEDIUM CVSS 6.9) | The process-management implementati | cvebase.io