CVE-2015-6261

Cisco TelePresence VCS Expressway X8.5.2 - Sensitive Info Exposure via TFTP

Title source: llm
STIX 2.1

Description

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033379
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40620

Scores

EPSS 0.0155
EPSS Percentile 72.0%

Details

CWE
CWE-200
Status published
Products (1)
cisco/telepresence_video_communication_server_software x8.5.2
Published Aug 26, 2015
Tracked Since Feb 18, 2026