Lucene search

CiscoCVE-2015-0696

HistoryApr 15, 2015 - 10:59 a.m.

CVE-2015-0696

2015-04-1510:59:02

CWE-79

cisco

web.nvd.nist.gov

cve-2015-0696

cross-site scripting

xss

vulnerability

cisco tc software

cisco telepresence

cscuq94977

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

43.4%

JSON

Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977.

Affected configurations

Nvd

Node

ciscotelepresence_tc_softwareMatch6.0.0

ciscotelepresence_tc_softwareMatch6.0.0-cucm

ciscotelepresence_tc_softwareMatch6.0.1

ciscotelepresence_tc_softwareMatch6.0.1-cucm

ciscotelepresence_tc_softwareMatch6.0.2

ciscotelepresence_tc_softwareMatch6.0_base

ciscotelepresence_tc_softwareMatch6.1.0

ciscotelepresence_tc_softwareMatch6.1.0-cucm

ciscotelepresence_tc_softwareMatch6.1.1

ciscotelepresence_tc_softwareMatch6.1.1-cucm

ciscotelepresence_tc_softwareMatch6.1.2

ciscotelepresence_tc_softwareMatch6.1.2-cucm

ciscotelepresence_tc_softwareMatch6.1_base

ciscotelepresence_tc_softwareMatch6.3_base

VendorProductVersionCPE
ciscotelepresence_tc_software6.0.0cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.0.0-cucmcpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.0.1cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.0.1-cucmcpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.0.2cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.0_basecpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.1.0cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.1.0-cucmcpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.1.1cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*
ciscotelepresence_tc_software6.1.1-cucmcpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_tc_software	6.0.0	cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:::::::*
cisco	telepresence_tc_software	6.0.0-cucm	cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:::::::*
cisco	telepresence_tc_software	6.0.1	cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:::::::*
cisco	telepresence_tc_software	6.0.1-cucm	cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:::::::*
cisco	telepresence_tc_software	6.0.2	cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:::::::*
cisco	telepresence_tc_software	6.0_base	cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:::::::*
cisco	telepresence_tc_software	6.1.0	cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:::::::*
cisco	telepresence_tc_software	6.1.0-cucm	cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:::::::*
cisco	telepresence_tc_software	6.1.1	cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:::::::*
cisco	telepresence_tc_software	6.1.1-cucm	cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:::::::*

Rows per page:

1-10 of 141

References

tools.cisco.com/security/center/viewAlert.x?alertId=38349

www.securitytracker.com/id/1032137

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

43.4%

JSON

Related for CVE-2015-0696