CVE-2015-4329

Cisco TelePresence Video Communication Server X8.5.2 - Authenticated Remote Code Execution via HTTP Request

Title source: llm
STIX 2.1

Description

The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/76395
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033329
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40523

Scores

EPSS 0.0229
EPSS Percentile 81.1%

Details

CWE
CWE-20
Status published
Products (1)
cisco/telepresence_video_communication_server_software x8.5.2
Published Aug 20, 2015
Tracked Since Feb 18, 2026