Vulnerability Description
The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Video Communication Server Software | x8.5.1 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40439Vendor Advisory
- http://www.securitytracker.com/id/1033266
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40439Vendor Advisory
- http://www.securitytracker.com/id/1033266
FAQ
What is CVE-2015-4314?
CVE-2015-4314 is a vulnerability with a CVSS score of 4.0 (MEDIUM). The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snap...
How severe is CVE-2015-4314?
CVE-2015-4314 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4314?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Video Communication Server Software.