Unrated severityNVD Advisory· Published Aug 20, 2015· Updated Jun 17, 2026
CVE-2015-4328
CVE-2015-4328
Description
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified Communications lookup page, aka Bug ID CSCuv12552.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.5.2:*:*:*:expressway:*:*:*
- Range: X8.5.2
Patches
Vulnerability mechanics
References
3- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securityfocus.com/bid/76399nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1033329nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.