Cisco TelePresence VCS Expressway Series 8.5.2 Multiple Vulnerabilities

medium Nessus Plugin ID 85651

Language:

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version, the instance of Cisco TelePresence Video Communication Server (VCS) Expressway running on the remote host is affected by multiple vulnerabilities :

- A command injection vulnerability exists in the web framework component due to insufficient validation of user-supplied input. An authenticated, remote attacker can exploit this, via a specially crafted request, to inject arbitrary commands that execute at the 'nobody' user privilege level. (CVE-2015-4303)

- An access vulnerability exists in the Mobile and Remote Access (MRA) endpoint-validation feature due to improper validation of the phone line used for registration. An authenticated, remote attacker can exploit this, via a crafted Session Initiation Protocol (SIP) message, to register their phones and impersonate legitimate users.
(CVE-2015-4316)

- A denial of service vulnerability exists due to insufficient handling of malformed authentication messages. An unauthenticated, remote attacker can exploit this, via a crafted authentication packet with invalid variables, to cause a denial of service condition. (CVE-2015-4317)

- A denial of service vulnerability exists due to insufficient handling of malformed GET request messages.
An unauthenticated, remote attacker can exploit this, via a crafted packet with invalid variables, to cause a denial of service condition. (CVE-2015-4318)

- A security bypass vulnerability exists in the Password Change functionality due to insufficient enforcement in the authorization process. An authenticated, remote attacker can exploit this, via a specially crafted packet, to reset arbitrary active-user passwords.
(CVE-2015-4319)

- An information disclosure vulnerability exists in the Configuration Log File component due to the inclusion of sensitive information in certain log files. An authenticated, remote attacker can exploit this to view the sensitive information in the log files.
(CVE-2015-4320)

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCuv12333, CSCuv12338, and CSCuv12340. For Cisco bug IDs CSCuv40396, CSCuv40469, and CSCuv40528 contact the vendor for a fix.

Plugin Details

Severity: Medium

ID: 85651

File Name: cisco_telepresence_vcs_multiple_852.nasl

Version: 1.6

Type: remote

Family: CISCO

Published: 8/26/2015

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2015-4303

CVSS v3

Risk Factor: Medium

Base Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/h:cisco:telepresence_video_communication_server, cpe:/a:cisco:telepresence_video_communication_server, cpe:/a:cisco:telepresence_video_communication_server_software

Required KB Items: Cisco/TelePresence_VCS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 8/14/2015

Vulnerability Publication Date: 8/12/2015

Reference Information

CVE: CVE-2015-4303, CVE-2015-4316, CVE-2015-4317, CVE-2015-4318, CVE-2015-4319, CVE-2015-4320

BID: 76322, 76347, 76350, 76351, 76353, 76366

CISCO-BUG-ID: CSCuv12333, CSCuv12338, CSCuv12340, CSCuv40396, CSCuv40469, CSCuv40528

Detections

Analytics

Cisco TelePresence VCS Expressway Series 8.5.2 Multiple Vulnerabilities

medium Nessus Plugin ID 85651

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information