Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco TelePresence IX5000 信息泄露漏洞
Vulnerability Description
Cisco TelePresence IX5000 Series是美国思科(Cisco)公司的IX5000系列网真系统视频会议解决方案。该方案提供音频、视频空间等组件,可为远程参会者提供一个面对面的虚拟会议室效果。 Cisco TelePresence IX5000 8.0.3版本中存在安全漏洞,该漏洞源于程序在访问控制不足的Web根目录下存储X.509证书相关的私钥。远程攻击者可通过向证书目录发送直接的请求利用该漏洞解密捕获的HTTPS流量,冒充IX5000设备。
CVSS Information
N/A
Vulnerability Type
N/A