Searching
..

Click anywhere to stop

KLA10504
Multiple vulnerabilities in Cisco products

Updated: 06/03/2020
Detect date
?
03/19/2015
Severity
?
High
Description

Multiple serious vulnerabilities have been found in Cisco products.

Below is a complete list of vulnerabilities

  1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via a specially designed OS commands;
  2. An unknown vulnerability in Cisco CSS can be exploited remotely via a specially designed SSH packets;
  3. Improper DNS implementation in Cisco VDS-IS can be exploited remotely via a specially designed packets;
  4. XSS vulnerability in Cisco WebEx Meetings Server can be exploited remotely via an unspecified vectors.
Affected products

Cisco Virtual TelePresence Server Software all versions
Cisco Content Services Switch (CSS) 11500 devices versions 8.20.4.02 and earlier
Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) version 3.2
Cisco WebEx Meetings Server versions 2.5 and 2.5.99.2 

Solution

Update to latest version!

Impacts
?
DoS 
[?]

CI 
[?]

SB 
[?]
Related products
Cisco WebEx Meetings Server
Cisco Videoscape Distribution Suite for Internet Streaming
Cisco Virtual TelePresence Server
CVE-IDS
?
CVE-2015-06715.0Critical
CVE-2015-06684.3Warning
CVE-2015-06607.2High
CVE-2015-06675.0Critical
Find out the statistics of the vulnerabilities spreading in your region