The web interface in Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) uses predictable session IDs based on time values, which makes it easier for remote malicious users to hijack sessions via a brute-force attack, aka Bug ID CSCti54048.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified_videoconferencing_system_5110_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_5115_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_5110 |
||
cisco unified_videoconferencing_system_5115 |
||
cisco unified_videoconferencing_system_3545_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_5230_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_3527_primary_rate_interface_gateway_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_3522_basic_rate_interface_gateway_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_3515_multipoint_control_unit_firmware 7.0.1.13.3 |
||
cisco unified_videoconferencing_system_3527_primary_rate_interface_gateway |
||
cisco unified_videoconferencing_system_3522_basic_rate_interface_gateway |
||
cisco unified_videoconferencing_system_3515_multipoint_control_unit |
||
cisco unified_videoconferencing_system_3545 |
||
cisco unified_videoconferencing_system_5230 |