CVE-2016-1387
published 2016-05-05CVE-2016-1387: The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_tc_software | — | — |
| cisco | telepresence_xml_application_programming_interface | — | — |