CVE-2015-4255

Name of the Vulnerable Software and Affected Versions Cisco TelePresence IP Gateway version 2.0(3.34)

Description The issue is related to a cross-site request forgery (CSRF) vulnerability, which allows remote attackers to hijack the authentication of arbitrary users. This means an attacker could potentially access user authentication data without permission.

Recommendations For Cisco TelePresence IP Gateway version 2.0(3.34), consider disabling access to sensitive authentication endpoints as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.