Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified Communications lookup page, aka Bug ID CSCuv12552.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco TelePresence Video Communication Server Expressway 安全漏洞
Vulnerability Description
Cisco TelePresence Video Communication Server(VCS)Expressway是美国思科(Cisco)公司的一款网真视频通信服务器,它能够与统一通信和语音通信环境集成,从而为使用各种通信工具的最终用户提供最佳体验。 Cisco TelePresence VCS Expressway X8.5.2版本中存在安全漏洞,该漏洞源于程序没有正确检查用户账户的只读属性。远程攻击者可通过发送特制的HTTP请求利用该漏洞执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A