Cisco TelePresence Management Suite Web Services

Cisco TelePresence Management Suite (TMS) software implements a Simple Object Access Protocol (SOAP) interface that by design allows unauthenticated access to web services designed to provide management features to devices.

At first publication of the advisory, the management feature was not documented and may have represented unknown risks to customers implementing the feature within their environments. Customers should refer to page 18 of the Cisco TMS Admin Guide for additional information that documents the management feature.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-soap

Security Impact Rating: Informational

CVE: CVE-2019-1660

Source:: Cisco Security Advisories