CVE-2016-1387

CVE Database · CVE-2016-1387

CVE-2016-1387

· N/AModified

CVSS v3.1

N/A

EPSS

1.78%

Published

May 5, 2016

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.

Weaknesses (CWE)

CWE-287

Affected Products (6)

cisco · telepresence_tc_softwarevulnerable

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml

Vendor Advisory

http://www.securitytracker.com/id/1035744

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml

Vendor Advisory

http://www.securitytracker.com/id/1035744

KEV Catalog EPSS Scores Vendors All CVEs