Vulnerabilities
Vulnerable Software
Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501.
CVSS Score
5.0
EPSS Score
0.002
Published
2015-09-05
The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account's access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174.
CVSS Score
6.5
EPSS Score
0.006
Published
2015-02-12


Contact Us

Shodan ® - All rights reserved