CVE-2017-3815

An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerability affects Cisco TelePresence Server MSE 8710 Processors that are running a software release prior to Cisco TelePresence Software Release 4.3 and are running in locally managed mode. The vulnerable API was deprecated in Cisco TelePresence Software Release 4.3. More Information: CSCvc37616.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
ciscotelepresence_server_software
4.2\(4.17\)
ciscotelepresence_server_software
4.2\(4.18\)
ciscotelepresence_server_software
4.2\(4.19\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/96922
http://www.securitytracker.com/id/1038035
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps
http://www.securityfocus.com/bid/96922
http://www.securitytracker.com/id/1038035
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps