Virtual Security Research, LLC. Security Advisory – On December 2nd, VSR identified an authentication bypass vulnerability in TANDBERG’s Video Communication Server, firmware version x4.2.1. This vulnerability allows for the complete bypass of authentication in the administrative web console. Since this web interface can be used to execute arbitrary code on the appliance as root (via software updates), the severity is considered critical.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88241/tandberg-bypass.txt
Source: https://packetstormsecurity.com/files/88241/Tandberg-VCS-Authentication-Bypass.html