KLA10504
Multiple vulnerabilities in Cisco products
Updated: 06/01/2019
Detect date
?
03/19/2015
Severity
?
High
Description

Multiple serious vulnerabilities have been found in Cisco products.

Below is a complete list of vulnerabilities

  1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via a specially designed OS commands;
  2. An unknown vulnerability in Cisco CSS can be exploited remotely via a specially designed SSH packets;
  3. Improper DNS implementation in Cisco VDS-IS can be exploited remotely via a specially designed packets;
  4. XSS vulnerability in Cisco WebEx Meetings Server can be exploited remotely via an unspecified vectors.
Affected products

Cisco Virtual TelePresence Server Software all versions
Cisco Content Services Switch (CSS) 11500 devices versions 8.20.4.02 and earlier
Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) version 3.2
Cisco WebEx Meetings Server versions 2.5 and 2.5.99.2 

Solution

Update to latest version!

Impacts
?
DoS 
[?]

CI 
[?]

SB 
[?]
CVE-IDS
?
CVE-2015-06715.0Critical
CVE-2015-06684.3Warning
CVE-2015-06607.2High
CVE-2015-06675.0Critical