Unrated severityNVD Advisory· Published Nov 18, 2020· Updated Nov 13, 2024
Cisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation Vulnerability
CVE-2020-26068
Description
A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this vulnerability by using the xAPI service to generate a specific token. A successful exploit could allow the attacker to use the generated token to enable experimental features on the device that should not be available to users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: n/a
Patches
Vulnerability mechanics
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tp-uathracc-jWNESUfMmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.