CVE-2019-15277 is a vulnerability in Cisco Telepresence Collaboration Endpoint
Published on October 16, 2019
Cisco TelePresence Collaboration Endpoint Software Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute code with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating as the remote support user and sending malicious traffic to a listener who is internal to the device. A successful exploit could allow the attacker to execute commands with root privileges.
Weakness Type
Permissions, Privileges, and Access Controls
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Products Associated with CVE-2019-15277
Want to know whenever a new CVE is published for Cisco Telepresence Collaboration Endpoint? stack.watch will email you.
Affected Versions
Cisco TelePresence TC Software:- Version unspecified and below n/a is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.