Cisco Security Advisory - Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities

Started by Netwörkheäd, June 09, 2023, 06:01:24 AM

Previous topic - Next topic

Netwörkheäd

Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system.


Note: "Cisco Expressway Series" refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices.


For more information about these vulnerabilities, see the Details section of this advisory.


Cisco has released software updates that address these vulnerabilities. There are workarounds that address one of these vulnerabilities.


This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-priv-esc-Ls2B9t7b


     
         
Security Impact Rating:  Critical
   
   
       
CVE: CVE-2023-20105,CVE-2023-20192
Source: Cisco Expressway Series and Cisco TelePresence Video Communication Server Privilege Escalation Vulnerabilities
Let's not argue. Let's network!