CVE-2016-1444

Published: Jul 7, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitability: 3.9 / Impact: 2.5

Source: NVD

Description

The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.

Affected (18)

Products: Cisco: Telepresence Video Communication Server, Telepresence Video Communication Server Software

Cisco

2 products

Telepresence Video Communication Server

Telepresence Video Communication Server Software

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Cisco Telepresence Video Communication Server	Version x8.1.1
Cisco Telepresence Video Communication Server	Version x8.1.2
Cisco Telepresence Video Communication Server	Version x8.1
Cisco Telepresence Video Communication Server	Version x8.2.1
Cisco Telepresence Video Communication Server	Version x8.2.2
Cisco Telepresence Video Communication Server	Version x8.2
Cisco Telepresence Video Communication Server	Version x8.5.0
Cisco Telepresence Video Communication Server	Version x8.5.1
Cisco Telepresence Video Communication Server	Version x8.5.2
Cisco Telepresence Video Communication Server	Version x8.5.3
Cisco Telepresence Video Communication Server	Version x8.5 rc4
Cisco Telepresence Video Communication Server	Version x8.6.0
Cisco Telepresence Video Communication Server	Version x8.6.1
Cisco Telepresence Video Communication Server	Version x8.7
Cisco Telepresence Video Communication Server Software	Version x8.5.1
Cisco Telepresence Video Communication Server Software	Version x8.5.2
Cisco Telepresence Video Communication Server Software	Version x8.5.3
Cisco Telepresence Video Communication Server Software	Version x8.6