Command injection

2019-10-2919:15:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.9%

JSON

Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.

CPENameOperatorVersion
telepresence_video_communication_servereq< x7.0.3

CPE	Name	Operator	Version
	telepresence_video_communication_server	eq	< x7.0.3

References

www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/release_note/Cisco_VCS_Release_Note_X7-0-3.pdf