Описание
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Связанные уязвимости
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Уязвимость микропрограммного обеспечения шлюза Cisco Expressway и микропрограммного обеспечения устройства управления вызовами Cisco TelePresence Video Communication Server, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю просмотреть содержимое произвольного файла на сервере или выполнить сетевое сканирование внутренней и внешней инфраструктуры