CVE-2015-4330

EUVD-2015-4353
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=40541
http://www.securitytracker.com/id/1033442
http://tools.cisco.com/security/center/viewAlert.x?alertId=40541
http://www.securitytracker.com/id/1033442