CVE-2015-6276

Name of the Vulnerable Software and Affected Versions Cisco TelePresence IX5000 version 8.0.3

Description The issue allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices by directly requesting the certificate directory, due to insufficient access control of a private key associated with an X.509 certificate stored under the web root.

Recommendations For Cisco TelePresence IX5000 version 8.0.3, restrict access to the certificate directory to minimize the risk of exploitation. Consider implementing proper access controls for the private key to prevent unauthorized access.