NVD

Id
23084  
Name
CVE-2015-0620  
Description
The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly handle external entities, which allows remote authenticated users to cause a denial of service via POST requests, aka Bug ID CSCus51494.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2015-02-17  
Modified Date
2015-10-23  
Seq
2015-0620  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
122848 23084 CVE-2015-0620 20150216 Cisco TelePresence Management Suite XML Vulnerability  View
122849 23084 CVE-2015-0620 http://tools.cisco.com/security/center/viewAlert.x?alertId=37491  View
122850 23084 CVE-2015-0620 1031753  View
122851 23084 CVE-2015-0620 cisco-telepresence-cve20150620-dos(100924)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6226 JVNDB-2015-001546 Cisco TelePresence Management Suite の XML パーサにおけるサービス運用妨害 (DoS) の脆弱性 Cisco TelePresence Management Suite (TMS) の XML パーサは、外部エンティティを適切に処理しないため、サービス運用妨害 (DoS) 状態にされる脆弱性が存在します。 CVE-2015-0620 77831 CVE-2015-0620 23084 4 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001546.html 2015-02-16 2015-02-23 View