All the vulnerabilites related to cisco - telepresence_recording_server
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD084A4-0AA0-499F-9D2F-9AD0FC87B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B862A01F-71E8-412F-AF83-3A64FB7352EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "909CA78F-933F-4C79-8F91-D6B17FCD7093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C885CA7-3DCC-4C05-8945-FBF2CD08EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D000335-5F60-49A8-B642-A5BEDC6A6820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD9AB4-AC7C-4D3D-AF93-1B9D8AAF31CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B8EF29-8A24-47C7-8108-07B27AF0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CDCC2-5373-447E-9AB2-DEDB5C6327D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "669BF6F3-CE41-43F2-BB6D-E594EB7CFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "606E06B8-B00B-4EE1-A763-A62C9105C5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CECA0482-FD41-46E7-A8F9-54BC665A83FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E431D427-EA04-4296-BB23-D638ADA1FF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70A01B1-CE17-47BF-9035-7168DF790125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A9D905-3740-4B9D-A26C-DFA6CBD2D154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69F84CF3-ED9D-4962-8930-ACB5319AFF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "260AD1B1-D5F3-433D-8B82-DF17197031C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008."
},
{
"lang": "es",
"value": "Java Servlet framework en dispositivos Cisco TelePresence Recording Server devices con software v1.6.x anterior a v1.6.2 y Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x, y v1.6.x no requiere autenticaci\u00f3n administrativa para acciones no especificadas, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una petici\u00f3n manipulada, tambi\u00e9n conocido como error ID CSCtf42005 and CSCtf42008."
}
],
"id": "CVE-2011-0383",
"lastModified": "2024-11-21T01:23:51.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:18.603",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46519"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65602"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_recording_server_software | 1.6.1 | |
| cisco | telepresence_recording_server_software | 1.6.2 | |
| cisco | telepresence_recording_server_software | 1.6.3 | |
| cisco | telepresence_recording_server_software | 1.7.0 | |
| cisco | telepresence_recording_server_software | 1.7.1 | |
| cisco | telepresence_recording_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E2377D-690A-474E-843A-697DA2BDE7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61F55EB7-FF5A-418C-B7B2-F44C5920E266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9628366-5C49-428F-ADA9-4E7765156EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DDE663C-B55B-4561-8269-0B55070B9245",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739."
},
{
"lang": "es",
"value": "La implementaci\u00f3n XML-RPC en dispositivos Cisco TelePresence Recording Server con software v1.6.x y v1.7.x anterior a v1.7.1 permite a atacantes remotos sobreescribir archivos y ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada, tambi\u00e9n conocido como error ID CSCti50739."
}
],
"id": "CVE-2011-0386",
"lastModified": "2024-11-21T01:23:51.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:18.790",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65605"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_recording_server_software | 1.6.1 | |
| cisco | telepresence_recording_server_software | 1.6.2 | |
| cisco | telepresence_recording_server_software | 1.6.3 | |
| cisco | telepresence_recording_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E2377D-690A-474E-843A-697DA2BDE7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61F55EB7-FF5A-418C-B7B2-F44C5920E266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an \"ad hoc recording\" issue, aka Bug ID CSCtf97205."
},
{
"lang": "es",
"value": "Dispositivos Cisco TelePresence Recording Server con software v1.6.x permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento del hilo y corte del dispositivo) a trav\u00e9s de una solicitud con formato incorrecto, relacionado con problema de \"ad hoc recording\", tambi\u00e9n conocido como error ID CSCtf97205."
}
],
"id": "CVE-2011-0391",
"lastModified": "2024-11-21T01:23:52.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:19.057",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-12 10:34
Modified
2024-11-21 01:40
Severity ?
Summary
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_recording_server | * | |
| cisco | telepresence_recording_server | 1.6.1\(2\) | |
| cisco | telepresence_recording_server | 1.6.2\(31\) | |
| cisco | telepresence_recording_server | 1.6.3\(4\) | |
| cisco | telepresence_recording_server | 1.7.0\(190\) | |
| cisco | telepresence_recording_server | 1.7.1\(22\) | |
| cisco | telepresence_recording_server | 1.7.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6C831E-2E44-4B93-8406-5FF6CF2E23F4",
"versionEndIncluding": "1.7.3\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2BBF5E51-247F-4574-8A32-23DB07ED6E8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.2\\(31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8FCFA18B-3AE2-44F0-9C6F-4DE0839AA74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B175720C-9E5F-460D-9111-A22FBF035A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.0\\(190\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21E362D5-C7AF-443C-B3D3-43D97F04E25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.1\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E599CC38-9431-4E7F-ADDF-524042C83DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D042A24-4621-4D8A-AFF5-219300ED4DC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804."
},
{
"lang": "es",
"value": "La interfaz web de administraci\u00f3n en Cisco TelePresence Recording Server anterior a v1.8.0 permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCth85804."
}
],
"id": "CVE-2012-3076",
"lastModified": "2024-11-21T01:40:11.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-12T10:34:42.427",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E2377D-690A-474E-843A-697DA2BDE7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61F55EB7-FF5A-418C-B7B2-F44C5920E266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD084A4-0AA0-499F-9D2F-9AD0FC87B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B862A01F-71E8-412F-AF83-3A64FB7352EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "909CA78F-933F-4C79-8F91-D6B17FCD7093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C885CA7-3DCC-4C05-8945-FBF2CD08EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D000335-5F60-49A8-B642-A5BEDC6A6820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD9AB4-AC7C-4D3D-AF93-1B9D8AAF31CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B8EF29-8A24-47C7-8108-07B27AF0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CDCC2-5373-447E-9AB2-DEDB5C6327D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "669BF6F3-CE41-43F2-BB6D-E594EB7CFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "606E06B8-B00B-4EE1-A763-A62C9105C5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CECA0482-FD41-46E7-A8F9-54BC665A83FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E431D427-EA04-4296-BB23-D638ADA1FF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70A01B1-CE17-47BF-9035-7168DF790125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A9D905-3740-4B9D-A26C-DFA6CBD2D154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69F84CF3-ED9D-4962-8930-ACB5319AFF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "260AD1B1-D5F3-433D-8B82-DF17197031C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065."
},
{
"lang": "es",
"value": "La interfaz web de administraci\u00f3n de dispositivos Cisco TelePresence Recording Server con el software v1.6.x y Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x, y v1.6.x permite a atacantes remotos crear o sobreescribir archivos arbitrarios, y posiblemente ejecutar c\u00f3digo arbitrario, a trav\u00e9s de una solicitud manipulada, tambi\u00e9n conocido como error ID CSCth85786 y CSCth61065."
}
],
"id": "CVE-2011-0385",
"lastModified": "2024-11-21T01:23:51.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:18.727",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65604"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E2377D-690A-474E-843A-697DA2BDE7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61F55EB7-FF5A-418C-B7B2-F44C5920E266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD084A4-0AA0-499F-9D2F-9AD0FC87B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B862A01F-71E8-412F-AF83-3A64FB7352EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "909CA78F-933F-4C79-8F91-D6B17FCD7093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C885CA7-3DCC-4C05-8945-FBF2CD08EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D000335-5F60-49A8-B642-A5BEDC6A6820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD9AB4-AC7C-4D3D-AF93-1B9D8AAF31CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B8EF29-8A24-47C7-8108-07B27AF0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CDCC2-5373-447E-9AB2-DEDB5C6327D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "669BF6F3-CE41-43F2-BB6D-E594EB7CFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "606E06B8-B00B-4EE1-A763-A62C9105C5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CECA0482-FD41-46E7-A8F9-54BC665A83FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E431D427-EA04-4296-BB23-D638ADA1FF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70A01B1-CE17-47BF-9035-7168DF790125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A9D905-3740-4B9D-A26C-DFA6CBD2D154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69F84CF3-ED9D-4962-8930-ACB5319AFF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "260AD1B1-D5F3-433D-8B82-DF17197031C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825."
},
{
"lang": "es",
"value": "Dispositivos TelePresence Recording Server con software v1.6.x y Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x y v1.6.x, no restrige correctamente el acceso remoto a la interfaz servlet de Java RMI, permitiendo a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de memoria y corte Web) a trav\u00e9s de m\u00faltiples peticiones manipuladas, tambi\u00e9n conocido como error ID CSCtg35830 y CSCtg35825."
}
],
"id": "CVE-2011-0388",
"lastModified": "2024-11-21T01:23:51.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:18.900",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46523"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_recording_server_software | 1.6.1 | |
| cisco | telepresence_recording_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a \"command injection vulnerability,\" aka Bug ID CSCtf97221."
},
{
"lang": "es",
"value": "El subsistema CGI en dispositivos Cisco TelePresence Recording Server con software v1.6.x anterior a v1.6.2 permite a atacantes remotos ejecutar comandos arbitrarios mediante una petici\u00f3n al puerto TCP 443, relacionado con una \"vulnerabilidad de inyecci\u00f3n de comandos,\" tambi\u00e9n conocido como error ID CSCtf97221."
}
],
"id": "CVE-2011-0382",
"lastModified": "2024-11-21T01:23:51.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:18.570",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_recording_server_software | 1.6.1 | |
| cisco | telepresence_recording_server_software | 1.6.2 | |
| cisco | telepresence_recording_server_software | 1.6.3 | |
| cisco | telepresence_recording_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F357829D-FEBE-498A-AD14-680411A7C522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E2377D-690A-474E-843A-697DA2BDE7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61F55EB7-FF5A-418C-B7B2-F44C5920E266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73576525-5C00-4D19-8670-F4D8B841A57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833."
},
{
"lang": "es",
"value": "Dispositivos Cisco TelePresence Recording Server con software v1.6.x no requieren de autenticaci\u00f3n para una interfaz XML-RPC, permitiendo a atacantes remotos realizar acciones no especificadas a trav\u00e9s de una sesi\u00f3n en el puerto TCP 8080, tambien conocido como ID CSCtg35833."
}
],
"id": "CVE-2011-0392",
"lastModified": "2024-11-21T01:23:52.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:19.103",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65609"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-12 10:34
Modified
2024-11-21 01:39
Severity ?
Summary
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABAC2DE-6574-4D78-B775-B3A478C0DE84",
"versionEndIncluding": "1.8.3\\(9\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD084A4-0AA0-499F-9D2F-9AD0FC87B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83670AD7-A299-48FD-AF1A-261249AC3333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B862A01F-71E8-412F-AF83-3A64FB7352EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0\\(254\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F01DA6A-CCAA-4560-A853-5113CF36E2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "909CA78F-933F-4C79-8F91-D6B17FCD7093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1\\(30\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A408D94F-1FEF-4E09-BCAA-C3376BE742CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C885CA7-3DCC-4C05-8945-FBF2CD08EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7749883A-F17B-478C-8EDB-FEC1A327CCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D000335-5F60-49A8-B642-A5BEDC6A6820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0\\(222\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A469A75-E05B-46DF-B015-1D6F66FCEDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD9AB4-AC7C-4D3D-AF93-1B9D8AAF31CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2AB36FEE-3C6C-4154-BE60-6739EC32AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B8EF29-8A24-47C7-8108-07B27AF0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C13A0584-2967-4F6F-8C94-367AF9DF5ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CDCC2-5373-447E-9AB2-DEDB5C6327D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5B61CA1A-3A56-4734-9516-21109A8FDFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "669BF6F3-CE41-43F2-BB6D-E594EB7CFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "599E9FA8-86A2-4051-80B4-7B851DA29B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "606E06B8-B00B-4EE1-A763-A62C9105C5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01F0A7D1-8393-4485-ADC1-31095A0741B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CECA0482-FD41-46E7-A8F9-54BC665A83FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "565B635E-6F48-4080-AA65-6D05A3502C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E431D427-EA04-4296-BB23-D638ADA1FF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0\\(108\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FFD50E19-B3A3-4D56-9DF9-AC4636819E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70A01B1-CE17-47BF-9035-7168DF790125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4B850970-475F-40C9-851E-0D7817E370C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A9D905-3740-4B9D-A26C-DFA6CBD2D154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "047DAFF6-BB1D-4E32-AB96-788F932E6CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69F84CF3-ED9D-4962-8930-ACB5319AFF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E85F955E-0D83-4A15-9EE6-0349E081F142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "260AD1B1-D5F3-433D-8B82-DF17197031C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6FC32FCC-820D-4EDC-8DA6-2870FB1157A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB0E3F8-92FA-4DBF-94F0-21E8E568BC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.0.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF9EBA15-173E-4EFA-80D1-01481BC5055F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.1\\(15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D23FE8B0-2FEF-44E2-A8D4-91F8C1425878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.2\\(75\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50B5EC0A-FF69-4CDF-B3EA-5503B1055699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0B833CA-BC58-45A5-AA95-58251EAE16CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21C9A0A6-03FB-42EC-97E0-39BED09C88F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.0\\(1026\\):*:*:*:*:*:*:*",
"matchCriteriaId": "468F358D-D359-4D06-B6DF-A483BDFD69D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.1\\(1041\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E8937CE7-8C1E-40F6-A8E7-2E145E2CCEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11AAD5AE-CC9E-42C9-AE82-F9AAF8D1A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D150A878-0913-4307-ABAA-5456DC20D6C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F74C0264-7890-4623-93EB-4D5218ED15C9",
"versionEndIncluding": "1.9.0.1\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.2.3\\(1101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "12193063-0545-402F-87E6-61023184F5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.3.2\\(1393\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90D72D8E-0826-4716-A2EE-B934150EC5F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7\\(2229\\):*:*:*:*:*:*:*",
"matchCriteriaId": "494F0584-197E-4892-BD58-B574DBD090FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1\\(2082\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEAF862B-43D6-42A2-B710-ED803906F251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3\\(2115\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FA3E247-E67F-4237-AF71-FEB0528EC35F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C68D879E-4522-4069-84B7-ED7C511B9D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11\\(3659\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C97CD7F-1ED4-4F44-BC53-5CC3871915B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12\\(3701\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A3BE96-E4F8-4362-A18E-0EBCF4D65490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13\\(3717\\):*:*:*:*:*:*:*",
"matchCriteriaId": "679CFA7C-60D4-4369-905F-B52DCD321603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.0\\(3954\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90C4668B-CB7C-44EB-B352-DED7C252EAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.2\\(4023\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BDB4EBF-C8A1-4CE6-B377-C09983BF3A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.3\\(4042\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43DAFA6C-2A25-499D-B11B-801F9031F2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.4\\(4072\\):*:*:*:*:*:*:*",
"matchCriteriaId": "456BF22C-3010-451F-853F-C46E94E954D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.5\\(4097\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4A64D44-EC08-4601-93AC-6C02A4412D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.6\\(4109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "090FA16C-ABF2-4464-8219-D7A8917A7ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.7\\(4212\\):*:*:*:*:*:*:*",
"matchCriteriaId": "774A9C95-8111-425B-A411-26F614384135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.8\\(4222\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E6D1A003-6593-4934-8518-CC40F3F8ACE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.1\\(4764\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B98FCCA-923C-4501-9B06-70CB3731F49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.2\\(4719\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29E0E9FC-EF3F-470A-93A4-CC9C7A71F6EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.1\\(4864\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AE77C52-E526-4B48-8EFA-5F5C59956308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2\\(4937\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF620174-5C3E-43AF-8AEB-B9DD87F8C451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "315EDAEC-3C60-445A-9613-23D38E8C2873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.4\\(270\\):*:*:*:*:*:*:*",
"matchCriteriaId": "551E171E-973F-47A5-8A7F-70062E76E9CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43DB9A3E-F495-4D22-874F-DDFB73C07534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2177AF2B-BF5C-431C-8899-88ECC4E91BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DBBADC-6367-4F75-9F58-E42A05AC992C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFEAB6C5-3B65-42D0-B597-0322D9F57C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62CBB917-651A-4EB8-842D-0BEA708A1BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34508470-64C3-4A99-BBB0-169AFA3BE50B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF71FA2-B8FC-4AE7-A0FD-8A4FAA0FE510",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_1300_65:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6AFF059-43A9-4419-92AB-D0EAFBE1511D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC14CB1A-DE5C-4877-8FFB-DF2FA1ADE176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF6B03F-670A-4604-8B4F-1F05B146E36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC220DAD-E967-4CC5-9C13-6A5AE98D79EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A13ACECA-121B-4D77-AB54-F579CF67098B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_t3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC98538-DDC7-4694-BF83-575D636D3817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_t3:*:*:custom:*:*:*:*:*",
"matchCriteriaId": "E4E6005C-6268-4180-ABF7-0BEF945EEE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CEC335-24DB-4C7E-B138-D566C95FB30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCAAE92-6F2E-4F11-A240-D5EC67974424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "911B3EBA-5640-458A-B18A-FAC1309F37FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCEB3C5-6C28-4D91-900E-98F0DC02478E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0525801E-2CC2-4206-AA70-7FE7512729E1",
"versionEndIncluding": "1.8.1\\(682\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCFCAA7-1B5E-409D-8388-43B0EAC82624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.1.0.0\\(209\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5C2BF14D-8ADE-4656-A437-2E87E3EB7293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "958731AE-088F-4A27-9748-8F4E6B21222C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.2.0.0\\(200\\):*:*:*:*:*:*:*",
"matchCriteriaId": "787488C6-8368-43EC-9A39-129B09A34C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.3.2\\(466\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2491CBE-8FEE-4507-BAAB-07017013C192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.4.0\\(279\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29C43D8A-884F-4DD6-AAF0-00735826C880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.5.1\\(420\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D057852-D8D8-4C14-A944-496147CBD981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.5.2\\(423\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B86EE60D-1B0A-4C5C-B0ED-BE5D0A020839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.0\\(220\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B3D0011-FF6E-44CC-B9B4-EECF91F391D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.2\\(64\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50547D54-A287-489B-AA2F-36602746221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.3\\(113\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CF42CDF-8499-440B-BB6A-A84D959CEBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.5\\(167\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1DB057EA-8A16-41D4-A985-31A8AE82AB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.1\\(732\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4BBE4038-F575-4E01-8ABC-C5C004E0FF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.2\\(256\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99EDB640-46B3-48E2-8574-71831BEE710B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1764E1-F1F8-4768-9BF6-E781FDEC756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B9409-74CF-4859-9CA3-9C7D7AF19CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.5\\(62\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F30BCAB-7A5D-48C8-AA76-DC70EA4AEBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.8.0\\(582\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5B26D12F-13FC-4E17-A636-68A68F4BA520",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC1A60F-FA12-415C-A043-EE3494A99FBF",
"versionEndIncluding": "1.8.0\\(160\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2BBF5E51-247F-4574-8A32-23DB07ED6E8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.2\\(31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8FCFA18B-3AE2-44F0-9C6F-4DE0839AA74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B175720C-9E5F-460D-9111-A22FBF035A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.0\\(190\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21E362D5-C7AF-443C-B3D3-43D97F04E25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.1\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E599CC38-9431-4E7F-ADDF-524042C83DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D042A24-4621-4D8A-AFF5-219300ED4DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2C04EA6-C8D5-42A0-8314-74734829FEBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del protocolo Cisco Discovery Protocol (CDP) en Cisco TelePresence Multipoint Switch anterior a v1.9.0, Cisco TelePresence Immersive Endpoint Devices anterior a v1.9.1, Cisco TelePresence Manager anterior a v1.9.0, y Cisco TelePresence Recording Server anterior a v1.8.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el env\u00edo de paquetes CDP mal formados, tambi\u00e9n conocido como Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, y CSCtz40953."
}
],
"id": "CVE-2012-2486",
"lastModified": "2024-11-21T01:39:08.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-12T10:34:42.257",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-12 10:34
Modified
2024-11-21 01:40
Severity ?
Summary
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04A362CA-FBED-46BF-8D1A-B4AA478C03E7",
"versionEndIncluding": "1.8.0\\(1026\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD084A4-0AA0-499F-9D2F-9AD0FC87B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "83670AD7-A299-48FD-AF1A-261249AC3333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B862A01F-71E8-412F-AF83-3A64FB7352EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0\\(254\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F01DA6A-CCAA-4560-A853-5113CF36E2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "909CA78F-933F-4C79-8F91-D6B17FCD7093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1\\(30\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A408D94F-1FEF-4E09-BCAA-C3376BE742CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C885CA7-3DCC-4C05-8945-FBF2CD08EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7749883A-F17B-478C-8EDB-FEC1A327CCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D000335-5F60-49A8-B642-A5BEDC6A6820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0\\(222\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A469A75-E05B-46DF-B015-1D6F66FCEDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBD9AB4-AC7C-4D3D-AF93-1B9D8AAF31CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2AB36FEE-3C6C-4154-BE60-6739EC32AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B8EF29-8A24-47C7-8108-07B27AF0FDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2\\(21\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C13A0584-2967-4F6F-8C94-367AF9DF5ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D99CDCC2-5373-447E-9AB2-DEDB5C6327D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5B61CA1A-3A56-4734-9516-21109A8FDFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "669BF6F3-CE41-43F2-BB6D-E594EB7CFCC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "599E9FA8-86A2-4051-80B4-7B851DA29B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "606E06B8-B00B-4EE1-A763-A62C9105C5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01F0A7D1-8393-4485-ADC1-31095A0741B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CECA0482-FD41-46E7-A8F9-54BC665A83FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "565B635E-6F48-4080-AA65-6D05A3502C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E431D427-EA04-4296-BB23-D638ADA1FF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.0\\(108\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FFD50E19-B3A3-4D56-9DF9-AC4636819E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B70A01B1-CE17-47BF-9035-7168DF790125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4B850970-475F-40C9-851E-0D7817E370C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A9D905-3740-4B9D-A26C-DFA6CBD2D154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "047DAFF6-BB1D-4E32-AB96-788F932E6CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "69F84CF3-ED9D-4962-8930-ACB5319AFF6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E85F955E-0D83-4A15-9EE6-0349E081F142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "260AD1B1-D5F3-433D-8B82-DF17197031C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.6.4\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6FC32FCC-820D-4EDC-8DA6-2870FB1157A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB0E3F8-92FA-4DBF-94F0-21E8E568BC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.0.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF9EBA15-173E-4EFA-80D1-01481BC5055F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.1\\(15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D23FE8B0-2FEF-44E2-A8D4-91F8C1425878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.2\\(75\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50B5EC0A-FF69-4CDF-B3EA-5503B1055699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.7.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0B833CA-BC58-45A5-AA95-58251EAE16CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21C9A0A6-03FB-42EC-97E0-39BED09C88F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F74C0264-7890-4623-93EB-4D5218ED15C9",
"versionEndIncluding": "1.9.0.1\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.2.3\\(1101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "12193063-0545-402F-87E6-61023184F5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.3.2\\(1393\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90D72D8E-0826-4716-A2EE-B934150EC5F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7\\(2229\\):*:*:*:*:*:*:*",
"matchCriteriaId": "494F0584-197E-4892-BD58-B574DBD090FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1\\(2082\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEAF862B-43D6-42A2-B710-ED803906F251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3\\(2115\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FA3E247-E67F-4237-AF71-FEB0528EC35F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C68D879E-4522-4069-84B7-ED7C511B9D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11\\(3659\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C97CD7F-1ED4-4F44-BC53-5CC3871915B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12\\(3701\\):*:*:*:*:*:*:*",
"matchCriteriaId": "45A3BE96-E4F8-4362-A18E-0EBCF4D65490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13\\(3717\\):*:*:*:*:*:*:*",
"matchCriteriaId": "679CFA7C-60D4-4369-905F-B52DCD321603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.0\\(3954\\):*:*:*:*:*:*:*",
"matchCriteriaId": "90C4668B-CB7C-44EB-B352-DED7C252EAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.2\\(4023\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BDB4EBF-C8A1-4CE6-B377-C09983BF3A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.3\\(4042\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43DAFA6C-2A25-499D-B11B-801F9031F2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.4\\(4072\\):*:*:*:*:*:*:*",
"matchCriteriaId": "456BF22C-3010-451F-853F-C46E94E954D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.5\\(4097\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4A64D44-EC08-4601-93AC-6C02A4412D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.6\\(4109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "090FA16C-ABF2-4464-8219-D7A8917A7ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.7\\(4212\\):*:*:*:*:*:*:*",
"matchCriteriaId": "774A9C95-8111-425B-A411-26F614384135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.8\\(4222\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E6D1A003-6593-4934-8518-CC40F3F8ACE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.1\\(4764\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2B98FCCA-923C-4501-9B06-70CB3731F49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.2\\(4719\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29E0E9FC-EF3F-470A-93A4-CC9C7A71F6EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.1\\(4864\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1AE77C52-E526-4B48-8EFA-5F5C59956308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2\\(4937\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF620174-5C3E-43AF-8AEB-B9DD87F8C451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "315EDAEC-3C60-445A-9613-23D38E8C2873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.4\\(270\\):*:*:*:*:*:*:*",
"matchCriteriaId": "551E171E-973F-47A5-8A7F-70062E76E9CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43DB9A3E-F495-4D22-874F-DDFB73C07534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2177AF2B-BF5C-431C-8899-88ECC4E91BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DBBADC-6367-4F75-9F58-E42A05AC992C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFEAB6C5-3B65-42D0-B597-0322D9F57C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62CBB917-651A-4EB8-842D-0BEA708A1BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34508470-64C3-4A99-BBB0-169AFA3BE50B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_1300_65:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6AFF059-43A9-4419-92AB-D0EAFBE1511D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC14CB1A-DE5C-4877-8FFB-DF2FA1ADE176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF6B03F-670A-4604-8B4F-1F05B146E36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC220DAD-E967-4CC5-9C13-6A5AE98D79EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A13ACECA-121B-4D77-AB54-F579CF67098B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_t3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC98538-DDC7-4694-BF83-575D636D3817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_t3:*:*:custom:*:*:*:*:*",
"matchCriteriaId": "E4E6005C-6268-4180-ABF7-0BEF945EEE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CEC335-24DB-4C7E-B138-D566C95FB30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCAAE92-6F2E-4F11-A240-D5EC67974424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "911B3EBA-5640-458A-B18A-FAC1309F37FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCEB3C5-6C28-4D91-900E-98F0DC02478E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0525801E-2CC2-4206-AA70-7FE7512729E1",
"versionEndIncluding": "1.8.1\\(682\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCFCAA7-1B5E-409D-8388-43B0EAC82624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.1.0.0\\(209\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5C2BF14D-8ADE-4656-A437-2E87E3EB7293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "958731AE-088F-4A27-9748-8F4E6B21222C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.2.0.0\\(200\\):*:*:*:*:*:*:*",
"matchCriteriaId": "787488C6-8368-43EC-9A39-129B09A34C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.3.2\\(466\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2491CBE-8FEE-4507-BAAB-07017013C192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.4.0\\(279\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29C43D8A-884F-4DD6-AAF0-00735826C880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.5.1\\(420\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D057852-D8D8-4C14-A944-496147CBD981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.5.2\\(423\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B86EE60D-1B0A-4C5C-B0ED-BE5D0A020839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.0\\(220\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B3D0011-FF6E-44CC-B9B4-EECF91F391D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.2\\(64\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50547D54-A287-489B-AA2F-36602746221C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.3\\(113\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CF42CDF-8499-440B-BB6A-A84D959CEBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.6.5\\(167\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1DB057EA-8A16-41D4-A985-31A8AE82AB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.1\\(732\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4BBE4038-F575-4E01-8ABC-C5C004E0FF1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.2\\(256\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99EDB640-46B3-48E2-8574-71831BEE710B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1764E1-F1F8-4768-9BF6-E781FDEC756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B9409-74CF-4859-9CA3-9C7D7AF19CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.7.5\\(62\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F30BCAB-7A5D-48C8-AA76-DC70EA4AEBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_manager:1.8.0\\(582\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5B26D12F-13FC-4E17-A636-68A68F4BA520",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC1A60F-FA12-415C-A043-EE3494A99FBF",
"versionEndIncluding": "1.8.0\\(160\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2BBF5E51-247F-4574-8A32-23DB07ED6E8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.2\\(31\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8FCFA18B-3AE2-44F0-9C6F-4DE0839AA74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.6.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B175720C-9E5F-460D-9111-A22FBF035A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.0\\(190\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21E362D5-C7AF-443C-B3D3-43D97F04E25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.1\\(22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E599CC38-9431-4E7F-ADDF-524042C83DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D042A24-4621-4D8A-AFF5-219300ED4DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_recording_server:1.7.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2C04EA6-C8D5-42A0-8314-74734829FEBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338."
},
{
"lang": "es",
"value": "La implementaci\u00f3n IP en Cisco TelePresence Multipoint Switch anterior a v1.8.1, Cisco TelePresence Manager anterior a v1.9.0, y Cisco TelePresence Recording Server v1.8 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante (1) un paquete IP mal formado, (2) una elevada cantidad de conexiones TCP, o (3) una elevada cantidad de conexiones de finalizaci\u00f3n TCP, cambien conocido como bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, y CSCty11338."
}
],
"id": "CVE-2012-3073",
"lastModified": "2024-11-21T01:40:11.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-12T10:34:42.303",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2011-0385
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65604 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025113 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-interface-file-upload(65604)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65604"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-interface-file-upload(65604)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65604"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-interface-file-upload(65604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65604"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "1025113",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0385",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0391
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65607 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46522 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:09.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "telepresence-adhoc-dos(65607)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an \"ad hoc recording\" issue, aka Bug ID CSCtf97205."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "telepresence-adhoc-dos(65607)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an \"ad hoc recording\" issue, aka Bug ID CSCtf97205."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "telepresence-adhoc-dos(65607)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65607"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46522"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0391",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:09.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0382
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46522 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a \"command injection vulnerability,\" aka Bug ID CSCtf97221."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-11T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a \"command injection vulnerability,\" aka Bug ID CSCtf97221."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46522"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0382",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0386
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65605 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46522 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-xmlrpc-file-overwrite(65605)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65605"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-xmlrpc-file-overwrite(65605)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65605"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "telepresence-xmlrpc-file-overwrite(65605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65605"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46522"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0386",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0383
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/46519 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65602 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1025113 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46519"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "telepresence-java-unauth-access(65602)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65602"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "46519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46519"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "telepresence-java-unauth-access(65602)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65602"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46519"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "telepresence-java-unauth-access(65602)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65602"
},
{
"name": "1025113",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0383",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0392
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65609 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46522 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "telepresence-xmlrpc-security-bypass(65609)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65609"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "telepresence-xmlrpc-security-bypass(65609)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65609"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46522"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "telepresence-xmlrpc-security-bypass(65609)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65609"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "46522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46522"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0392",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3076
Vulnerability from cvelistv5
Published
2012-07-12 10:00
Modified
2024-09-17 03:39
Severity ?
EPSS score ?
Summary
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-12T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3076",
"datePublished": "2012-07-12T10:00:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-17T03:39:04.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0388
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025114 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/46523 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1025113 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "46523",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46523"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-11T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "46523",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46523"
},
{
"name": "1025113",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml"
},
{
"name": "1025114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025114"
},
{
"name": "20110223 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml"
},
{
"name": "46523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46523"
},
{
"name": "1025113",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0388",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2486
Vulnerability from cvelistv5
Published
2012-07-12 10:00
Modified
2024-09-17 04:25
Severity ?
EPSS score ?
Summary
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-12T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-2486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-2486",
"datePublished": "2012-07-12T10:00:00Z",
"dateReserved": "2012-05-07T00:00:00Z",
"dateUpdated": "2024-09-17T04:25:44.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3073
Vulnerability from cvelistv5
Published
2012-07-12 10:00
Modified
2024-09-16 16:52
Severity ?
EPSS score ?
Summary
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-12T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Manager",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman"
},
{
"name": "20120711 Multiple Vulnerabilities in Cisco TelePresence Recording Server",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3073",
"datePublished": "2012-07-12T10:00:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T16:52:38.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}