PT-2013-1798 · Cisco · Cisco Telepresence Video Communication Server
Published
2013-01-17
·
Updated
2013-01-29
·
CVE-2012-5444
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco TelePresence Video Communication Server (VCS) version X7.0.3
Description
The issue arises from improper processing of certain search rules, allowing remote attackers to create conferences via an unspecified Conductor request.
Recommendations
For Cisco TelePresence Video Communication Server (VCS) version X7.0.3, update to a version that properly processes search rules to prevent unauthorized conference creation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Telepresence Video Communication Server