Guest

Preview Tool

Cisco Bug: CSCus89088 - Cleartext password exposed in the web interface

Last Modified

Aug 11, 2015

Products (11)

  • Cisco TelePresence System MXP Series
  • Cisco TelePresence System Codec 3000 MXP
  • Cisco TelePresence System Profile 52-inch Dual MXP
  • Cisco TelePresence System Educator MXP Model
  • Cisco TelePresence System 1000 MXP
  • Cisco TelePresence System Integrator Package 3000 MXP
  • Cisco TelePresence System Profile MXP Model
  • Cisco TelePresence System Codec 6000 MXP
  • Cisco TelePresence System Integrator Package 6000 MXP
  • Cisco TelePresence System Profile 52-inch MXP
View all products in Bug Search Tool Login Required

Known Affected Releases

F9.1 F9.1.2

Description (partial)

Symptoms:

A vulnerability in the Cisco Telepresence (formerly Tandberg) Edge  could allow an authenticated, remote attacker to have ''read'' access to certain
information stored in the affected system.

The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods.  

Conditions:
An affected system with an authenticated administrator account in order to log in.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.