Lucene search

K
ciscoCiscoCISCO-SA-EXPRESSWAY-OVERWRITE-3BUQW8LH
HistoryJul 06, 2022 - 4:00 p.m.

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

2022-07-0616:00:00
tools.cisco.com
18

0.002 Low

EPSS

Percentile

51.5%

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device.

Note: Cisco Expressway Series refers to the Expressway Control (Expressway-C) device and the Expressway Edge (Expressway-E) device.

For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH”]

0.002 Low

EPSS

Percentile

51.5%

Related for CISCO-SA-EXPRESSWAY-OVERWRITE-3BUQW8LH