Test Kennung:	1.3.6.1.4.1.25623.1.0.106168
Kategorie:	CISCO
Titel:	Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability (cisco-sa-20160803-vcse)
Zusammenfassung:	A vulnerability in the administrative web interface of Cisco; TelePresence Video Communication Server Expressway could allow an authenticated, remote attacker; to execute arbitrary commands on the affected system.
Beschreibung:	Summary: A vulnerability in the administrative web interface of Cisco TelePresence Video Communication Server Expressway could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. Vulnerability Insight: The vulnerability is due to the failure to properly sanitize user input passed to the affected system's scripts. An attacker could exploit this vulnerability by submitting crafted input to the affected fields of the web interface. Vulnerability Impact: Successful exploitation of this vulnerability could allow an attacker to run arbitrary commands on the system. Affected Software/OS: Cisco TelePresence Video Communication Server Expressway version X8.5.2. Solution: Update to version X8.6 or later CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1468 BugTraq ID: 92274 http://www.securityfocus.com/bid/92274 Cisco Security Advisory: 20160803 Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-vcse http://www.securitytracker.com/id/1036529
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.