CVE-2015-4319

The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338.

Severity	MEDIUM
CVSS	5.5
CWE	CWE-255
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Cisco TelePresence Video Communication Server (VCS) Expressway	Cisco-SA-20150814-CVE-2015-4319	Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS)	Cisco-SA-20150814-CVE-2015-4319	Cisco OpenVuln
Cisco TelePresence	Cisco-SA-20150814-CVE-2015-4319	Cisco OpenVuln