KLA10504
Multiple vulnerabilities in Cisco products
Обновлено: 17/06/2019
Дата обнаружения
19/03/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Cisco products.

Below is a complete list of vulnerabilities

  1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via a specially designed OS commands;
  2. An unknown vulnerability in Cisco CSS can be exploited remotely via a specially designed SSH packets;
  3. Improper DNS implementation in Cisco VDS-IS can be exploited remotely via a specially designed packets;
  4. XSS vulnerability in Cisco WebEx Meetings Server can be exploited remotely via an unspecified vectors.
Пораженные продукты

Cisco Virtual TelePresence Server Software all versions
Cisco Content Services Switch (CSS) 11500 devices versions 8.20.4.02 and earlier
Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) version 3.2
Cisco WebEx Meetings Server versions 2.5 and 2.5.99.2 

Решение

Update to latest version!

Оказываемое влияние
?
DoS 
[?]

CI 
[?]

SB 
[?]
Связанные продукты
Cisco WebEx Meetings Server
Cisco Videoscape Distribution Suite for Internet Streaming
Cisco Virtual TelePresence Server
CVE-IDS
CVE-2015-06715.0Critical
CVE-2015-06684.3Warning
CVE-2015-06607.2High
CVE-2015-06675.0Critical