Vulnerabilites related to cisco - sx10_firmware
Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ex60_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25AE211E-E216-456C-A418-54A9F1D4A528", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ex60:-:*:*:*:*:*:*:*", matchCriteriaId: "4DCB5C6D-7E0A-4C3C-953A-DE9176060335", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ex90_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "50D1F2D2-17F2-4A96-AF6B-DFFE5FDF6E9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ex90:-:*:*:*:*:*:*:*", matchCriteriaId: "92DC52BD-9704-4406-9F8B-44049A18BC8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sx10_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "46CAB451-2370-4FDA-981A-2402BCA610DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:sx10:-:*:*:*:*:*:*:*", matchCriteriaId: "318D0E10-B389-45A7-8B53-F515C0E8CA31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sx20_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2EFB48F0-3B5A-4DD2-BB68-38BA42043DA8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:sx20:-:*:*:*:*:*:*:*", matchCriteriaId: "18EB7279-FB2E-433D-A6DA-5E5E94725C27", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:sx80_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B803447B-B889-41DE-8254-BBEF0D664FC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:sx80:-:*:*:*:*:*:*:*", matchCriteriaId: "BD91FCB6-AF82-4425-BBBC-7CDD8CBF7978", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_codec_c40_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1AF8E71F-0EDA-473A-A673-E29CAC50C256", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_codec_c40:-:*:*:*:*:*:*:*", matchCriteriaId: "B87CEA3A-2CF3-48DF-935F-31553CAC1ED8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_codec_c60_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7549095E-BC00-449F-98AD-2FDF61506AB0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_codec_c60:-:*:*:*:*:*:*:*", matchCriteriaId: "0754B77C-E888-461E-AA1E-74B78DA59B78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_codec_c90_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "53020625-037E-46A9-B970-C30802BDC111", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_codec_c90:-:*:*:*:*:*:*:*", matchCriteriaId: "0BFF6AA3-4850-40A3-8211-82F60F14ACD3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_mx200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "70567CFE-DEBD-4285-BB11-6EDC94126949", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_mx200:-:*:*:*:*:*:*:*", matchCriteriaId: "392D3BBE-8C2D-4643-95DB-79CF5CEDBC6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_mx300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CC55F6C2-D7FA-4BCA-961E-4994F577D151", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_mx300:-:*:*:*:*:*:*:*", matchCriteriaId: "63ED55F5-C88A-463D-9D5D-347D8C85AC43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_mx700_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A7F13426-3904-4A07-B1B9-1464F5E083DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_mx700:-:*:*:*:*:*:*:*", matchCriteriaId: "89C485F0-17FF-4785-ABF1-BC6CB38196E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:telepresence_mx800_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EF15695E-752D-4C94-9A77-0BB56F10CA1F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:telepresence_mx800:-:*:*:*:*:*:*:*", matchCriteriaId: "16DE9D91-7C80-4BDB-B4B4-FACD56957999", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "61A0EF95-7CC5-4EE2-A5D8-803195F63F49", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*", matchCriteriaId: "E6554B9F-CD89-49B4-B55A-510B1C881C4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "68546316-D08D-4E0B-BDDE-BF6320B730EB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0EC6FF-44F6-4033-BDAF-A396C2635D3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "85FDA9FB-BB79-4A60-B825-D68B3719BFE3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*", matchCriteriaId: "A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5565DF04-82F3-40C7-8E82-44A0DA72398B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*", matchCriteriaId: "15073B83-81ED-4E98-8521-1320F8120C3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*", matchCriteriaId: "31842684-B05D-4E17-9229-EC6993E78612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69224767-0E2B-4A85-A7F1-77C6B41668DE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*", matchCriteriaId: "5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*", matchCriteriaId: "C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "90095155-ABC0-43C9-896A-55A797EC2055", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*", matchCriteriaId: "9A983D4D-9E04-45CE-BE3C-9FCD0018837F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA1BD59F-078D-45D2-AC39-C479A4C6E7CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*", matchCriteriaId: "AD45F341-FAD8-4B10-B28C-8697E51C6B61", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account.", }, { lang: "es", value: "Una vulnerabilidad en la API del endpoint de video (xAPI) de Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, y Cisco RoomOS Software, podría permitir a un atacante remoto autenticado conducir ataques de salto de directorio en un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de la entrada suministrada por el usuario para la xAPI del software afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición diseñada hacia la xAPI. Una explotación con éxito podría permitir al atacante leer y escribir archivos arbitrarios en el sistema. Para explotar esta vulnerabilidad, un atacante podría necesitar un In-Room Control o una cuenta de administrador", }, ], id: "CVE-2020-3143", lastModified: "2024-11-21T05:30:24.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "ykramarz@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-23T01:15:15.410", references: [ { source: "ykramarz@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", }, ], sourceIdentifier: "ykramarz@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "ykramarz@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2020-3143
Vulnerability from cvelistv5
Published
2020-09-23 00:25
Modified
2024-11-13 18:06
Severity ?
EPSS score ?
Summary
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account.
References
▼ | URL | Tags |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco TelePresence TC Software |
Version: n/a |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.620Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3143", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:18:05.411231Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:06:58.585Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco TelePresence TC Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-01-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-23T00:25:21", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", }, ], source: { advisory: "cisco-sa-telepresence-path-tr-wdrnYEZZ", defect: [ [ "CSCvs45241", "CSCvs67675", "CSCvs67680", ], ], discovery: "INTERNAL", }, title: "Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-01-22T16:00:00", ID: "CVE-2020-3143", STATE: "PUBLIC", TITLE: "Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco TelePresence TC Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", }, ], }, source: { advisory: "cisco-sa-telepresence-path-tr-wdrnYEZZ", defect: [ [ "CSCvs45241", "CSCvs67675", "CSCvs67680", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3143", datePublished: "2020-09-23T00:25:21.647542Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:06:58.585Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }