CVE-2015-6413

CWE-2644 documents4 sources
Severity
4.0MEDIUM
EPSS
0.2%
top 61.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server Software
Timeline
PublishedDec 13
Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-58fm-pmp5-q9g7: Cisco TelePresence Video Communication Server (VCS) Expressway X82022-05-17
CVEList
CVE-2015-6413: Cisco TelePresence Video Communication Server (VCS) Expressway X82015-12-13

📋Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server Expressway Web Framework Code Unauthorized Access Vulnerability2015-12-09
CVE-2015-6413 (MEDIUM CVSS 4) | Cisco TelePresence Video Communicat | cvebase.io