CVE-2016-1444: Input Validation
First published: Thu Jul 07 2016(Updated: )
The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Video Communication Server | =x8.1 | |
| Cisco TelePresence Video Communication Server | =x8.1.1 | |
| Cisco TelePresence Video Communication Server | =x8.1.2 | |
| Cisco TelePresence Video Communication Server | =x8.2 | |
| Cisco TelePresence Video Communication Server | =x8.2.1 | |
| Cisco TelePresence Video Communication Server | =x8.2.2 | |
| Cisco TelePresence Video Communication Server | =x8.5-rc4 | |
| Cisco TelePresence Video Communication Server | =x8.5.0 | |
| Cisco TelePresence Video Communication Server | =x8.5.1 | |
| Cisco TelePresence Video Communication Server | =x8.5.2 | |
| Cisco TelePresence Video Communication Server | =x8.5.3 | |
| Cisco TelePresence Video Communication Server | =x8.6.0 | |
| Cisco TelePresence Video Communication Server | =x8.6.1 | |
| Cisco TelePresence Video Communication Server | =x8.7 | |
| Cisco Telepresence Video Communication Server Software | =x8.5.1 | |
| Cisco Telepresence Video Communication Server Software | =x8.5.2 | |
| Cisco Telepresence Video Communication Server Software | =x8.5.3 | |
| Cisco Telepresence Video Communication Server Software | =x8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/event
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco telepresence video communication server
- version/cisco telepresence video communication server/x8.1
- version/cisco telepresence video communication server/x8.1.1
- version/cisco telepresence video communication server/x8.1.2
- version/cisco telepresence video communication server/x8.2
- version/cisco telepresence video communication server/x8.2.1
- version/cisco telepresence video communication server/x8.2.2
- version/cisco telepresence video communication server/x8.5-rc4
- version/cisco telepresence video communication server/x8.5.0
- version/cisco telepresence video communication server/x8.5.1
- version/cisco telepresence video communication server/x8.5.2
- version/cisco telepresence video communication server/x8.5.3
- version/cisco telepresence video communication server/x8.6.0
- version/cisco telepresence video communication server/x8.6.1
- version/cisco telepresence video communication server/x8.7
- canonical/cisco telepresence video communication server software
- version/cisco telepresence video communication server software/x8.5.1
- version/cisco telepresence video communication server software/x8.5.2
- version/cisco telepresence video communication server software/x8.5.3
- version/cisco telepresence video communication server software/x8.6