Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco TelePresence System 加密问题漏洞
Vulnerability Description
Cisco TelePresence System(CTS)是美国思科(Cisco)公司的一套被称为网真系统的视频会议解决方案。该方案提供音频、视频空间等组件,可为远程参会者提供一个面对面的虚拟会议室效果。 Cisco CTS 6.0(.5)(5)及之前的版本中存在安全漏洞,该漏洞源于程序没有正确执行传输目录内容中的HTTPS。攻击者可通过阻止CTS和Cisco Unified Communications Manager (UCM)之间的HTTPS连接利用该漏洞实施中间人攻击,获取敏感的目录信息。
CVSS Information
N/A
Vulnerability Type
N/A