CVE-2016-1468

CWE-78OS Command Injection4 documents4 sources
Severity
8.8HIGH
EPSS
1.5%
top 18.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Telepresence Video Communication Server
Timeline
PublishedAug 8
Latest updateMay 17

Description

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-39fg-mxcp-4qr2: The administrative web interface in Cisco TelePresence Video Communication Server Expressway X82022-05-17
CVEList
CVE-2016-1468: The administrative web interface in Cisco TelePresence Video Communication Server Expressway X82016-08-08

📋Vendor Advisories

1
Cisco
Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability2016-08-03
CVE-2016-1468 (HIGH CVSS 8.8) | The administrative web interface in | cvebase.io