CVE-2015-4328
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 is affected by CVE-2015-4328 due to improper authorization of a read-only user attribute, enabling remote authenticated attackers to execute arbitrary OS commands via crafted HTTP requests on the Unified Communications lookup p...