QID 38912

Date Published: 2023-10-23

QID 38912: Cisco TelePresence Video Communication Server Command Injection Vulnerability (cisco-sa-expressway-injection-X475EbTQ)

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device.

Affected Products
Cisco TelePresence VCS releases prior to version 14.3.1

QID Detection Logic (Unauthenticated):
The check matches the version of Cisco TelePresence Video Communication Server exposed in the SIP banner against the affected range.

Note: This is a banner-based detection; it cannot verify whether a workaround has been applied, so the QID is kept as a Practice QID.
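As an added illustration of the banner-based detection logic described above (this is example code written for this page, not Qualys's detection signature), the following Python parses a SIP response, extracts the VCS/Expressway version, and compares it numerically against the fixed release 14.3.1. The banner format "TANDBERG/<build> (X<version>)" in the Server or User-Agent header is an assumption about how these devices identify themselves, and the sample responses are constructed, not captured from real devices. As the note says, a version match only shows the software is in the affected range; it says nothing about whether the workaround is in place.

```python
import re
from typing import Optional, Tuple

# Constructed sample SIP responses (not captured from real devices).
# The "TANDBERG/<build> (X<version>)" header format is an assumption.
SAMPLE_BANNERS = [
    "SIP/2.0 200 OK\r\nServer: TANDBERG/4352 (X14.2.5)\r\n\r\n",
    "SIP/2.0 200 OK\r\nServer: TANDBERG/4352 (X14.3.1)\r\n\r\n",
    "SIP/2.0 200 OK\r\nUser-Agent: TANDBERG/4352 (X12.7.1)\r\n\r\n",
    "SIP/2.0 200 OK\r\nServer: Asterisk PBX 18.0\r\n\r\n",
]

# First fixed release per the QID's affected-products statement.
FIXED_VERSION: Tuple[int, ...] = (14, 3, 1)

# Match a Server/User-Agent header line carrying the assumed VCS banner.
_BANNER_RE = re.compile(
    r"^(?:Server|User-Agent):\s*TANDBERG/\d+\s*\(X(\d+(?:\.\d+)*)\)",
    re.IGNORECASE | re.MULTILINE,
)


def parse_vcs_version(banner: str) -> Optional[Tuple[int, ...]]:
    """Return the version as a tuple of ints, or None if the banner is not VCS-like."""
    m = _BANNER_RE.search(banner)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable_version(version: Tuple[int, ...],
                          fixed: Tuple[int, ...] = FIXED_VERSION) -> bool:
    """True when version < fixed, comparing component-wise (14.10 > 14.3)."""
    n = max(len(version), len(fixed))
    v = version + (0,) * (n - len(version))   # pad so 14.3 == 14.3.0
    f = fixed + (0,) * (n - len(fixed))
    return v < f


def assess_banner(banner: str) -> str:
    """Classify one SIP response: 'not-vcs', 'vulnerable' or 'not-vulnerable'.

    'vulnerable' means only that the version is in the affected range; a
    banner cannot show whether a workaround has been applied.
    """
    version = parse_vcs_version(banner)
    if version is None:
        return "not-vcs"
    return "vulnerable" if is_vulnerable_version(version) else "not-vulnerable"


if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(repr(b.splitlines()[1]), "->", assess_banner(b))
```

The comparison is done on integer tuples rather than strings so that a hypothetical 14.10.0 is correctly treated as newer than 14.3.1; a plain string comparison would get that wrong.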

However, an attacker with read-write privileges on the application could enable this feature to carry out the exploit.

  • CVSS V3 rated as High - 7.2 severity.
  • CVSS V2 rated as Critical - 8.3 severity.

Solution
Customers are advised to refer to cisco-sa-expressway-injection-X475EbTQ for more information.

CVEs related to QID 38912

Software Advisories
Advisory ID                             | Software Component | Link
cisco-sa-expressway-injection-X475EbTQ  |                    | sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-injection-X475EbTQ