Lucene search
HistoryFeb 18, 2015 - 2:59 a.m.
CVE-2015-0620
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
6.3
Confidence
High
EPSS
0.004
Percentile
75.1%
The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494.
Affected configurations
Node
ciscotelepresence_management_suiteRange≤14.3\(.2\)
ORciscotelepresence_management_suiteMatch14.3
ORciscotelepresence_management_suiteMatch14.3\(.1\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_management_suite | * | cpe:2.3:a:cisco:telepresence_management_suite:*:*:*:*:*:*:*:* |
| cisco | telepresence_management_suite | 14.3 | cpe:2.3:a:cisco:telepresence_management_suite:14.3:*:*:*:*:*:*:* |
| cisco | telepresence_management_suite | 14.3(.1) | cpe:2.3:a:cisco:telepresence_management_suite:14.3\(.1\):*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0620
2015-02-18 02:00:00
cisco
cisco
Cisco TelePresence Management Suite XML Vulnerability
2015-02-16 21:45:37
prion
prion
Xxe
2015-02-18 02:59:00
cve
cve
CVE-2015-0620
2015-02-18 02:59:03
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
6.3
Confidence
High
EPSS
0.004
Percentile
75.1%
Related for NVD:CVE-2015-0620