An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco…
cisco·CWE-319·Published 2017-03-17
An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerability affects Cisco TelePresence Server MSE 8710 Processors that are running a software release prior to Cisco TelePresence Software Release 4.3 and are running in locally managed mode. The vulnerable API was deprecated in Cisco TelePresence Software Release 4.3. More Information: CSCvc37616.
An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerability affects Cisco TelePresence Server MSE 8710 Processors that are running a software release prior to Cisco TelePresence Software Release 4.3 and are running in locally managed mode. The vulnerable API was deprecated in Cisco TelePresence Software Release 4.3. More Information: CSCvc37616.
Una vulnerabilidad de privilegios de API en Cisco TelePresence Server Software podría permitir que un atacante remoto no autenticado emule los puntos finales de Cisco TelePresence Server. Productos afectados: Esta vulnerabilidad afecta a los procesadores Cisco TelePresence Server MSE 8710 que ejecutan una versión de software anterior a Cisco TelePresence Software Release 4.3 y se ejecutan en modo administrado localmente. El API vulnerable estaba obsoleto en Cisco TelePresence Software Release 4.3. Más información: CSCvc37616.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.0 | 10.0 | 2.9 | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| 3.0 | Primary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |