Vulnerability Details CVE-2016-1444
The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.8
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-vcs
- http://www.securityfocus.com/bid/91669
- http://www.securitytracker.com/id/1036237
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-vcs
- http://www.securityfocus.com/bid/91669
- http://www.securitytracker.com/id/1036237
Products affected by CVE-2016-1444
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.2
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.2
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.0
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.2
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.3
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6.0
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7
-
cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.5.1
-
cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.5.2
-
cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.5.3
-
cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.6