CVE-2015-6261

CWE-200Information Exposure8 documents6 sources
Severity
4.0MEDIUM
EPSS
0.1%
top 64.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server Software
Timeline
PublishedAug 26
Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-pc34-r93m-6qjp: Cisco TelePresence Video Communication Server (VCS) Expressway X82022-05-17
OSV
libidn vulnerabilities2016-08-24
CVEList
CVE-2015-6261: Cisco TelePresence Video Communication Server (VCS) Expressway X82015-08-26

📋Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server Expressway TFTP Information Disclosure Vulnerability2015-08-25
CVE-2015-6261 (MEDIUM CVSS 4) | Cisco TelePresence Video Communicat | cvebase.io