CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
75.1%
The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_management_suite | * | cpe:2.3:a:cisco:telepresence_management_suite:*:*:*:*:*:*:*:* |
cisco | telepresence_management_suite | 14.3 | cpe:2.3:a:cisco:telepresence_management_suite:14.3:*:*:*:*:*:*:* |
cisco | telepresence_management_suite | 14.3(.1) | cpe:2.3:a:cisco:telepresence_management_suite:14.3\(.1\):*:*:*:*:*:*:* |