CVE-2015-6414

CWE-200Information Exposure4 documents4 sources
Severity
2.1LOW
EPSS
0.0%
top 88.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server Software
Timeline
PublishedDec 13
Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protection mechanisms by leveraging knowledge of a key from another installation, aka Bug ID CSCuw64516.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-876p-j7c4-v654: Cisco TelePresence Video Communication Server (VCS) X82022-05-17
CVEList
CVE-2015-6414: Cisco TelePresence Video Communication Server (VCS) X82015-12-13

📋Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server Information Disclosure Vulnerability2015-12-10
CVE-2015-6414 (LOW CVSS 2.1) | Cisco TelePresence Video Communicat | cvebase.io