PT-2013-1798 · Cisco · Cisco Telepresence Video Communication Server

Publicado

2013-01-17

·

Atualizado

2013-01-29

·

CVE-2012-5444

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Cisco TelePresence Video Communication Server (VCS) version X7.0.3
Description The issue arises from improper processing of certain search rules, allowing remote attackers to create conferences via an unspecified Conductor request.
Recommendations For Cisco TelePresence Video Communication Server (VCS) version X7.0.3, update to a version that properly processes search rules to prevent unauthorized conference creation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2012-5444

Produtos afetados

Cisco Telepresence Video Communication Server