Bypassing Access Restrictions and Reading Configuration Files in Cisco TelePresence VCS Expressway X8.5.2

CVE-2015-6261 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531.

Learn more about our Cis Benchmark Audit For Server Software.