CVE-2016-1387

The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_tc_software:7.3.3:*:*:*:*:*:*:*

History

21 Nov 2024, 02:46

Type Values Removed Values Added
References () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml - Vendor Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml - Vendor Advisory
References () http://www.securitytracker.com/id/1035744 - () http://www.securitytracker.com/id/1035744 -

Information

Published : 2016-05-05 21:59

Updated : 2024-11-21 02:46


NVD link : CVE-2016-1387

Mitre link : CVE-2016-1387

CVE.ORG link : CVE-2016-1387


JSON object : View

Products Affected

cisco

  • telepresence_tc_software
CWE
CWE-287

Improper Authentication