A vulnerability in the Password Change functionality in the Administrative Web Interface of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, remote attacker to make unauthorized changes to user passwords.
The vulnerability is due to insufficient enforcement in the authorization process. An attacker could exploit this vulnerability by sending a specially crafted packet to the target device. An exploit could allow the attacker to change the password of active users to conduct further attacks.
Cisco has confirmed the vulnerability and software updates are available.
An authenticated, remote attacker could utilize this vulnerability by sending a specially crafted packet to the targeted device.
To exploit this vulnerability, an attacker requires authenticated access to the targeted system. Authenticated access may require the attacker to access trusted, internal networks. These requirements could limit the likelihood of a successful exploit.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.