Vulnerabilities > Cisco > Telepresence System Software IX
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-05 | CVE-2015-6276 | Information Exposure vulnerability in Cisco Telepresence System Software IX 8.0.3 Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. | 5.0 |
| 2015-02-12 | CVE-2015-0611 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence System Software IX 8.0.0/8.0.1 The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account's access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174. | 6.5 |