CVE-2015-6318

Name of the Vulnerable Software and Affected Versions Cisco TelePresence Video Communication Server versions X8.5.1 through X8.5.2

Description The issue exists due to insufficient input validation in the device's firmware, allowing a local attacker to read arbitrary files. Additionally, a symlink attack can be used to write to arbitrary files.

Recommendations For versions X8.5.1 and X8.5.2, consider restricting local access to the device until a patch is available. As a temporary workaround, restrict write access to sensitive files and directories to minimize the risk of exploitation.