Insufficient Access Control in Cisco TelePresence IX5000 8.0.3

Insufficient Access Control in Cisco TelePresence IX5000 8.0.3

CVE-2015-6276 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501.

Learn more about our Web App Pen Testing.