4 matches found
CVE-2015-4328
Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...
Input validation
Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...
CVE-2015-4328
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 is affected by CVE-2015-4328 due to improper authorization of a read-only user attribute, enabling remote authenticated attackers to execute arbitrary OS commands via crafted HTTP requests on the Unified Communications lookup p...
CVE-2015-4328
Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...