Cisco Bug: CSCte55694 - SOAP Calendar Service Authentication Credential Exposure.
Nov 12, 2015
- Cisco TelePresence System 3000 Series
Known Affected Releases
CVE ASSIGNED: CVE-2011-2036 DDTS ID: CSCte55694 Status: New RNE Release CVE: No Previous Assignments Affected: All currently released versions, to be fixed in a future release. Symptoms: Cisco TelePresence Endpoint Systems not configured for secure communications transmit the username and password pair utilized for scheduling meetings with the Cisco TelePresence Manager in the clear. This could allow an attacker with the ability to capture or view network traffic between these two devices to gain knowledge of these credentials. Conditions: Systems running an affected version of Cisco TelePresence Endpoint software and not configured for Secure Communications mode.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases