Arbitrary Command Execution Vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.2

CVE-2015-4303 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333.

Learn more about our Web App Pen Testing.