CVE-2016-9207

A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. Affected Products: This vulnerability affects Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS). More Information: CSCvc10834. Known Affected Releases: X8.7.2 X8.8.3. Known Fixed Releases: X8.9.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:expressway:x8.7.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:expressway:x8.8.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-12-14 00:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9207

Mitre link : CVE-2016-9207

CVE.ORG link : CVE-2016-9207


JSON object : View

Products Affected

cisco

  • expressway
CWE
CWE-20

Improper Input Validation

CWE-254

7PK - Security Features