CVE-2016-1316

CWE-200 — Information Exposure4 documents4 sources

Severity

5.3MEDIUM

EPSS

0.2%

top 54.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Telepresence Video Communication Server Software

Timeline

PublishedFeb 9

Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDcisco/telepresence_video_communication13 versions+12

🔴Vulnerability Details

GHSA

GHSA-x6f7-8vrq-6m6v: Cisco TelePresence Video Communication Server (VCS) X8↗2022-05-17

▶

CVEList

CVE-2016-1316: Cisco TelePresence Video Communication Server (VCS) X8↗2016-02-09

▶

📋Vendor Advisories

Cisco

Cisco Video Communications Server Information Disclosure Vulnerability↗2016-02-09

▶