The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1035744 - |
Information
Published : 2016-05-05 21:59
Updated : 2024-11-21 02:46
NVD link : CVE-2016-1387
Mitre link : CVE-2016-1387
CVE.ORG link : CVE-2016-1387
JSON object : View
Products Affected
cisco
- telepresence_tc_software
CWE
CWE-287
Improper Authentication