CVE-2015-0696
Summary
| CVE | CVE-2015-0696 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-04-15 10:59:00 UTC |
| Updated | 2017-01-06 17:09:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Telepresence Tc Software | 6.0.0 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.0-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.1 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.1-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.2 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0_base | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.0 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.0-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.1 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.1-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.2 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.2-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1_base | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.3_base | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.0 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.0-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.1 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.1-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0.2 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.0_base | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.0 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.0-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.1 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.1-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.2 | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1.2-cucm | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.1_base | All | All | All |
| Application | Cisco | Telepresence Tc Software | 6.3_base | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Multiple Cisco TelePresence Products Cross-Site Scripting Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| Cisco TelePresence Collaboration Desk and Room Endpoints Input Validation Flaw Permits Cross-Site Scripting Attacks - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.