Authentication Bypass Vulnerability in Cisco TelePresence Endpoints

Authentication Bypass Vulnerability in Cisco TelePresence Endpoints

CVE-2013-3405 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The web portal in TC software on Cisco TelePresence endpoints does not require an exact password match during a login attempt by a user who has not configured a password, which allows remote attackers to bypass authentication by sending an arbitrary password, aka Bug ID CSCud96071.

Learn more about our Cis Benchmark Audit For Cisco.