CVE-2015-4315
Description
The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external DTDs, which allows remote authenticated users to read arbitrary files or cause a denial of service via a crafted XML document, aka Bug ID CSCuv31853.
Risk Information
Base Score
6.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L
EPSS Score
Exploitation Probability
0.455
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Input Validation Vulnerability (CVE-2015-4315) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234