VDB

CVE-2019-1872

CVE-2019-1872 PUBLISHED CVSS 5.300000190734863 MEDIUM

A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitrary network requests. The vulnerability is due to improper restrictions on network services in the affected software. An attacker could exploit this vulnerability by sending malicious requests to the affected system. A successful exploit could allow the attacker to send arbitrary network requests sourced from the affected system.

EPSS 0.32% · 55.1th percentile

Risk Scores

CVSS 3.0
5.300000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
0.32%
55.1th percentile

Affected Products

VendorProductVersions
CiscoCisco TelePresence Video Communication Server (VCS)unspecified
ciscotelepresence_video_communication_server0

Exploit Intelligence

Timeline

  • Jun 5, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›