Cisco TelePresence VCS Privilege Escalation Vulnerability (CVE-2015-4325)
Cisco TelePresence VCS Privilege Escalation Vulnerability (CVE-2015-4325)
Release date:
Updated on:
Affected Systems:
Cisco TelePresence Video Communication Server X8.5.2
Description:
CVE (CAN) ID: CVE-2015-4325
Cisco TelePresence is a Cisco TelePresence solution.
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 security vulnerability exists in process management implementation, local users interrupt firestarter. py monitors the process, obtains the elevation permission, and then triggers the process restart with the root account.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-vcs
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse
This article permanently updates the link address: