CVE-2015-6318
Severity Score
6.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969.
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 y X8.5.2 permite a usuarios locales escribir en archivos arbitrarios a través de un ataque de enlace simbolico no especificado, también conocido como Bug ID CSCuv11969.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-08-17 CVE Reserved
- 2015-10-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1033781 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151007-vcs | 2017-01-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Telepresence Video Communication Server Software Search vendor "Cisco" for product "Telepresence Video Communication Server Software" | x8.5.1 Search vendor "Cisco" for product "Telepresence Video Communication Server Software" and version "x8.5.1" | expressway |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Telepresence Video Communication Server Software Search vendor "Cisco" for product "Telepresence Video Communication Server Software" | x8.5.2 Search vendor "Cisco" for product "Telepresence Video Communication Server Software" and version "x8.5.2" | expressway |
Affected
| ||||||