CVE-2015-4327: Input Validation
First published: Thu Aug 20 2015(Updated: )
The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Video Communication Server Firmware | =x8.5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-4327?
CVE-2015-4327 has a medium severity rating due to the potential for local users to gain root privileges.
How do I fix CVE-2015-4327?
To fix CVE-2015-4327, upgrade to a version of Cisco TelePresence Video Communication Server that addresses this vulnerability.
Who is affected by CVE-2015-4327?
CVE-2015-4327 affects local users of Cisco TelePresence Video Communication Server Expressway version X8.5.2.
What type of attack does CVE-2015-4327 involve?
CVE-2015-4327 involves a local privilege escalation attack that allows users to gain root access.
Is CVE-2015-4327 exploitable remotely?
CVE-2015-4327 is not remotely exploitable as it requires local user access to the system.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco telepresence video communication server firmware
- version/cisco telepresence video communication server firmware/x8.5.2