Vulnerability Details CVE-2016-1387
The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 9.0
References
Products affected by CVE-2016-1387
-
cpe:2.3:a:cisco:telepresence_tc_software:7.2.0
-
cpe:2.3:a:cisco:telepresence_tc_software:7.2.1
-
cpe:2.3:a:cisco:telepresence_tc_software:7.3.0
-
cpe:2.3:a:cisco:telepresence_tc_software:7.3.1
-
cpe:2.3:a:cisco:telepresence_tc_software:7.3.2
-
cpe:2.3:a:cisco:telepresence_tc_software:7.3.3