Cisco Bug: CSCte55677 - SOAP Calendar Service Authentication Bypass
Nov 12, 2015
- Cisco TelePresence System 3000 Series
Known Affected Releases
Symptoms: When configured in secure mode the Conference Scheduling service does not require authentication. This could allow an unauthenticated attacker that can access an affected device to manipulate the scheduled meeting list on the IP Phone that is connected to the Endpoint System. Conditions: Systems running an affected version of Cisco TelePresence Endpoint software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases