Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cisco Video Communications Server Information Disclosure Vulnerability - Feb16

Information

Severity

Severity

Medium

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

This host is running Cisco TelePresence Video Communication Server and is prone to information disclosure vulnerability.

Insight

Insight

The flaw exists due to a failure to properly protect an informational URL that contains aggregated call statistics.

Affected Software

Affected Software

Cisco TelePresence Video Communication Server (VCS) version X8.1 through X8.7 when used in conjunction with Jabber Guest.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Update to version X8.8 or later. For details refer to the linked vendor advisory.

Common Vulnerabilities and Exposures (CVE)