Home Unlabelled Cisco TelePresence Video Communication Server Expressway File Modification Vulnerability

Cisco TelePresence Video Communication Server Expressway File Modification Vulnerability

By
Wednesday, October 07, 2015
Read
Add Comment
A vulnerability in the symbolic link operation of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to perform a symbolic link attack on the affected system.

The vulnerability is due to insufficient protection of files. An attacker could exploit this vulnerability by creating a malicious symbolic link to a location not otherwise accessible to the attacker. An exploit could allow the attacker to insert unauthorized content in the linked-to file.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.

This advisory is available at the following link: http://ift.tt/1j9qn46

from Cisco Security Advisory http://ift.tt/1j9qn46
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us