Search criteria
81 vulnerabilities found for telepresence_tc_software by cisco
FKIE_CVE-2017-6648
Vulnerability from fkie_nvd - Published: 2017-06-08 13:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_ce_software:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7981082F-B80B-49A5-8AAE-BFA377ED9460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "21D19C90-19D2-46E5-BDA7-F7125F7A2878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "E88E8ECB-9A40-4B2A-B1E1-EB9CB69D322A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "357A8344-F77C-4D95-AFFC-930E3E177630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "03F8F06D-174D-4FEB-880F-825019FF2415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "A6349908-7468-43BA-ACF2-4166FC95405C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "47981023-90C1-46D1-BCD6-6BE64364C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "83DB0369-FA22-43FE-9E0B-B370B44490B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "982DC39F-5FA0-4450-8C36-447270BFFC36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "536F8A9D-59C6-42E4-B672-8B1D909F8535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1B1533-30F2-40AB-8429-2E7606EC06CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "32B5EEDB-7471-45C2-956B-466626E9EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9729B0D4-F6E5-4683-947B-D73C6B147897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9C5EE1-0733-499E-92D0-4CFFFD370E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9B046A6F-BEAA-4052-8896-0FA33B6BEEE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "BC20694E-FD91-4932-9AB5-1E1C8DD01BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9056D02-E7C8-47B3-8CEF-E485CA6EC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "70496628-EF39-4E54-BC9E-E2D9BDC00C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E50B4A0E-7851-4C1A-AAA7-2E4EF655056D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5A78C8-E5BA-44B8-91EE-B07E400EE7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F177059-DA78-4F84-AA72-B6C5CA212BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "01392813-2BC7-4A4E-AF57-443E886E2643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "33CFCB77-65F1-48BF-8057-1F9C56BF7DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9D68BFBE-50A4-4565-BCDA-29BF2B5B962C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12DD1C-DF28-4B4B-93FB-6E346D810BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DD8580-644F-4640-8127-CC345DC5CDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8B32A35F-D1AF-490E-A1CB-612E5BC2E9DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "62C20678-F9B0-488C-B1B4-C04005F5E3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB861F3A-CA8F-493B-B63E-C27007D7A498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A72D4048-53D6-4B3A-8148-4C7F5354D3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49545BCD-C2F3-46EC-9F77-34639054E46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB8B703-A9BD-4A63-BC62-3F031440B00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "739D968B-C97E-4C1D-A4F0-CC1FA0956E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B9063887-80F9-4898-8F69-36178D9C4BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "873E6F91-E3A8-4B6F-87F0-2FC843A0521F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACE9AFC-B520-44A9-90E9-0921AA25FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383A9D84-B1CA-42E1-B863-42B7F30A0DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E1EDB9-0C99-4067-BA23-94EA3225C0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF5B5124-D5AF-46E4-81DF-A63DB4A3141D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0012942-BB39-42EE-AB7F-46E503140016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6627DC6B-166F-4DC9-A330-4C6063C3AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3501B65-DF7C-4E58-894A-E0280A68DA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35BCB121-C70F-44BC-80EE-415BDCF0E3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B300EE45-2582-41E9-9F7F-4CB81D51E964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB135B8-A4D2-4DDA-96F4-B3149441567B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDC6BAF-3133-47A9-9149-FD92BE55C130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD1A653-986F-472F-A9B0-904653661DBE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Session Initiation Protocol (SIP) del programa TelePresence Codec (TC) y Collaboration Endpoint (CE) de Cisco, podr\u00eda permitir a un atacante remoto no identificado causar que un endpoint de TelePresence se vuelva a cargar inesperadamente, resultado una condici\u00f3n denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a la falta de mecanismos de control de flujo dentro del programa. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo de paquetes INVITE de SIP hacia el dispositivo afectado. Una vulnerabilidad podr\u00eda permitir al atacante afectar la disponibilidad de los servicios y datos del dispositivo, incluida una condici\u00f3n DoS completa. Esta vulnerabilidad afecta a las siguientes plataformas TC y CE de Cisco cuando se ejecutan versiones de programas anteriores a TC 7.3.8 y CE 8.3.0. IDs de Bug de Cisco: CSCux94002."
}
],
"id": "CVE-2017-6648",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-08T13:29:00.517",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1038624"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-6459
Vulnerability from fkie_nvd - Published: 2016-11-19 03:03 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 7.1.0 | |
| cisco | telepresence_tc_software | 7.1.1 | |
| cisco | telepresence_tc_software | 7.1.2 | |
| cisco | telepresence_tc_software | 7.1.3 | |
| cisco | telepresence_tc_software | 7.1.4 | |
| cisco | telepresence_tc_software | 7.3.0 | |
| cisco | telepresence_tc_software | 7.3.1 | |
| cisco | telepresence_tc_software | 7.3.2 | |
| cisco | telepresence_tc_software | 7.3.3 | |
| cisco | telepresence_tc_software | 8.0.0 | |
| cisco | telepresence_tc_software | 8.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "873E6F91-E3A8-4B6F-87F0-2FC843A0521F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACE9AFC-B520-44A9-90E9-0921AA25FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383A9D84-B1CA-42E1-B863-42B7F30A0DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E1EDB9-0C99-4067-BA23-94EA3225C0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF5B5124-D5AF-46E4-81DF-A63DB4A3141D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3501B65-DF7C-4E58-894A-E0280A68DA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35BCB121-C70F-44BC-80EE-415BDCF0E3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7217AEE6-8BE5-46AC-8972-F7BDD1E48B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF60AFA-2B8A-4810-8E7C-E80E5294DCC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0."
},
{
"lang": "es",
"value": "Los puntos finales de Cisco TelePresence que ejecutan cualquiera de los software CE o TC contienen una vulnerabilidad que podr\u00eda permitir a un atacante local autenticado ejecutar una inyecci\u00f3n de comando shell local. M\u00e1s informaci\u00f3n: CSCvb25010. Lanzamientos conocidos afectados: 8.1.x. Lanzamientos conocidos solucionados: 6.3.4 7.3.7 8.2.2 8.3.0."
}
],
"id": "CVE-2016-6459",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-19T03:03:02.507",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/94075"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1037187"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1387
Vulnerability from fkie_nvd - Published: 2016-05-05 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 7.2.0 | |
| cisco | telepresence_tc_software | 7.2.1 | |
| cisco | telepresence_tc_software | 7.3.0 | |
| cisco | telepresence_tc_software | 7.3.1 | |
| cisco | telepresence_tc_software | 7.3.2 | |
| cisco | telepresence_tc_software | 7.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0012942-BB39-42EE-AB7F-46E503140016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6627DC6B-166F-4DC9-A330-4C6063C3AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3501B65-DF7C-4E58-894A-E0280A68DA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35BCB121-C70F-44BC-80EE-415BDCF0E3FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935."
},
{
"lang": "es",
"value": "La API XML en TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4 y 7.3.5 y Collaboration Endpoint (CE) 8.0.0, 8.0.1 y 8.1.0 en Cisco TelePresence Software maneja incorrectamente la autenticaci\u00f3n, lo que permite a atacantes remotos ejecutar comandos de control o realizar cambios de configuraci\u00f3n a trav\u00e9s de una petici\u00f3n API, tambi\u00e9n conocido como Bug ID CSCuz26935."
}
],
"id": "CVE-2016-1387",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-05T21:59:04.423",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1035744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035744"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-4271
Vulnerability from fkie_nvd - Published: 2015-07-15 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39880 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032931 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39880 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032931 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 7.3.0 | |
| cisco | telepresence_tc_software | 7.3.1 | |
| cisco | telepresence_tc_software | 7.3.2 | |
| cisco | telepresence_tc_software | 7.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3501B65-DF7C-4E58-894A-E0280A68DA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35BCB121-C70F-44BC-80EE-415BDCF0E3FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604."
},
{
"lang": "es",
"value": "Cisco TelePresence TC anterior a 7.3.4 en dispositivos Integrator C permite a atacantes remotos eludir la autenticaci\u00f3n a trav\u00e9s de vectores que involucran m\u00faltiples par\u00e1metros de petici\u00f3n, tambi\u00e9n conocido como Bug ID CSCuv00604."
}
],
"id": "CVE-2015-4271",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-15T18:59:00.960",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032931"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0770
Vulnerability from fkie_nvd - Published: 2015-06-07 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39210 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032511 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39210 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032511 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 6.3.0 | |
| cisco | telepresence_tc_software | 6.3.1 | |
| cisco | telepresence_tc_software | 6.3.2 | |
| cisco | telepresence_tc_software | 6.3.3 | |
| cisco | telepresence_tc_software | 7.1.0 | |
| cisco | telepresence_tc_software | 7.1.1 | |
| cisco | telepresence_tc_software | 7.1.2 | |
| cisco | telepresence_tc_software | 7.1.3 | |
| cisco | telepresence_tc_software | 7.1.4 | |
| cisco | telepresence_tc_software | 7.2.0 | |
| cisco | telepresence_tc_software | 7.2.1 | |
| cisco | telepresence_tc_software | 7.3.0 | |
| cisco | telepresence_tc_software | 7.3.1 | |
| cisco | telepresence_tc_software | 7.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB861F3A-CA8F-493B-B63E-C27007D7A498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A72D4048-53D6-4B3A-8148-4C7F5354D3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49545BCD-C2F3-46EC-9F77-34639054E46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB8B703-A9BD-4A63-BC62-3F031440B00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "873E6F91-E3A8-4B6F-87F0-2FC843A0521F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACE9AFC-B520-44A9-90E9-0921AA25FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383A9D84-B1CA-42E1-B863-42B7F30A0DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E1EDB9-0C99-4067-BA23-94EA3225C0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF5B5124-D5AF-46E4-81DF-A63DB4A3141D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0012942-BB39-42EE-AB7F-46E503140016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6627DC6B-166F-4DC9-A330-4C6063C3AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3501B65-DF7C-4E58-894A-E0280A68DA62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en Cisco TelePresence TC 6.x anterior a 6.3.4 y 7.x anterior a 7.3.3 en los dispositivos Integrator C SX20 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y realizar ataques de la divisi\u00f3n de respuestas HTTP a trav\u00e9s de una URL manipulada, tambi\u00e9n conocido como Bug ID CSCut79341."
}
],
"id": "CVE-2015-0770",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-07T18:59:05.470",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032511"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-93"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0722
Vulnerability from fkie_nvd - Published: 2015-05-25 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "21D19C90-19D2-46E5-BDA7-F7125F7A2878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "E88E8ECB-9A40-4B2A-B1E1-EB9CB69D322A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "357A8344-F77C-4D95-AFFC-930E3E177630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "03F8F06D-174D-4FEB-880F-825019FF2415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "A6349908-7468-43BA-ACF2-4166FC95405C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "47981023-90C1-46D1-BCD6-6BE64364C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "83DB0369-FA22-43FE-9E0B-B370B44490B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "982DC39F-5FA0-4450-8C36-447270BFFC36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "536F8A9D-59C6-42E4-B672-8B1D909F8535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1B1533-30F2-40AB-8429-2E7606EC06CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "32B5EEDB-7471-45C2-956B-466626E9EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9729B0D4-F6E5-4683-947B-D73C6B147897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "BC20694E-FD91-4932-9AB5-1E1C8DD01BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9056D02-E7C8-47B3-8CEF-E485CA6EC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "70496628-EF39-4E54-BC9E-E2D9BDC00C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E50B4A0E-7851-4C1A-AAA7-2E4EF655056D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5A78C8-E5BA-44B8-91EE-B07E400EE7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "01392813-2BC7-4A4E-AF57-443E886E2643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "33CFCB77-65F1-48BF-8057-1F9C56BF7DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9D68BFBE-50A4-4565-BCDA-29BF2B5B962C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12DD1C-DF28-4B4B-93FB-6E346D810BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DD8580-644F-4640-8127-CC345DC5CDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8B32A35F-D1AF-490E-A1CB-612E5BC2E9DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "62C20678-F9B0-488C-B1B4-C04005F5E3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB861F3A-CA8F-493B-B63E-C27007D7A498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A72D4048-53D6-4B3A-8148-4C7F5354D3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49545BCD-C2F3-46EC-9F77-34639054E46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB8B703-A9BD-4A63-BC62-3F031440B00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "739D968B-C97E-4C1D-A4F0-CC1FA0956E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "873E6F91-E3A8-4B6F-87F0-2FC843A0521F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACE9AFC-B520-44A9-90E9-0921AA25FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "383A9D84-B1CA-42E1-B863-42B7F30A0DE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E1EDB9-0C99-4067-BA23-94EA3225C0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF5B5124-D5AF-46E4-81DF-A63DB4A3141D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0012942-BB39-42EE-AB7F-46E503140016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6627DC6B-166F-4DC9-A330-4C6063C3AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F58A78-36B5-4CF0-B71D-DF451479F451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B87019A-1277-483E-AAD1-17A53FAD7121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20F63626-8F70-4EE8-80A7-24614640E2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2083FC5B-B24C-49C9-B44B-29C9F9A27BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98814197-69ED-414D-9B16-9E43C2244106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD0EDC3-3932-4DB2-9562-682808B20DD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952."
},
{
"lang": "es",
"value": "Los controladores de red en Cisco TelePresence T, Cisco TelePresence TE, y Cisco TelePresence TC anterior a 7.3.2 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de proceso o recarga de dispositivo) a trav\u00e9s de una inundaci\u00f3n de paquetes IP manipulados, tambi\u00e9n conocido como Bug ID CSCuj68952."
}
],
"id": "CVE-2015-0722",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-25T00:59:02.637",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2174
Vulnerability from fkie_nvd - Published: 2015-05-25 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "21D19C90-19D2-46E5-BDA7-F7125F7A2878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "E88E8ECB-9A40-4B2A-B1E1-EB9CB69D322A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "357A8344-F77C-4D95-AFFC-930E3E177630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "03F8F06D-174D-4FEB-880F-825019FF2415",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "A6349908-7468-43BA-ACF2-4166FC95405C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "47981023-90C1-46D1-BCD6-6BE64364C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "83DB0369-FA22-43FE-9E0B-B370B44490B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "982DC39F-5FA0-4450-8C36-447270BFFC36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "536F8A9D-59C6-42E4-B672-8B1D909F8535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1B1533-30F2-40AB-8429-2E7606EC06CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "32B5EEDB-7471-45C2-956B-466626E9EDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9729B0D4-F6E5-4683-947B-D73C6B147897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "BC20694E-FD91-4932-9AB5-1E1C8DD01BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9056D02-E7C8-47B3-8CEF-E485CA6EC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "70496628-EF39-4E54-BC9E-E2D9BDC00C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E50B4A0E-7851-4C1A-AAA7-2E4EF655056D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "01392813-2BC7-4A4E-AF57-443E886E2643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "33CFCB77-65F1-48BF-8057-1F9C56BF7DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9D68BFBE-50A4-4565-BCDA-29BF2B5B962C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12DD1C-DF28-4B4B-93FB-6E346D810BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "62C20678-F9B0-488C-B1B4-C04005F5E3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB861F3A-CA8F-493B-B63E-C27007D7A498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20F63626-8F70-4EE8-80A7-24614640E2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2083FC5B-B24C-49C9-B44B-29C9F9A27BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98814197-69ED-414D-9B16-9E43C2244106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD0EDC3-3932-4DB2-9562-682808B20DD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651."
},
{
"lang": "es",
"value": "Cisco TelePresence T, TelePresence TE, y TelePresence TC anterior a 7.1 no implementan correctamente el control de acceso, lo que permite a atacantes remotos obtener privilegios root mediante el env\u00edo de paquetes en la red local y permite a atacantes f\u00edsicamente pr\u00f3ximos obtener privilegios root a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCub67651."
}
],
"id": "CVE-2014-2174",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-25T00:59:00.073",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0697
Vulnerability from fkie_nvd - Published: 2015-04-15 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=38350 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032136 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=38350 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032136 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 6.0.0 | |
| cisco | telepresence_tc_software | 6.0.0-cucm | |
| cisco | telepresence_tc_software | 6.0.1 | |
| cisco | telepresence_tc_software | 6.0.1-cucm | |
| cisco | telepresence_tc_software | 6.0.2 | |
| cisco | telepresence_tc_software | 6.0_base | |
| cisco | telepresence_tc_software | 6.1.0 | |
| cisco | telepresence_tc_software | 6.1.0-cucm | |
| cisco | telepresence_tc_software | 6.1.1 | |
| cisco | telepresence_tc_software | 6.1.1-cucm | |
| cisco | telepresence_tc_software | 6.1.2 | |
| cisco | telepresence_tc_software | 6.1.2-cucm | |
| cisco | telepresence_tc_software | 6.1_base | |
| cisco | telepresence_tc_software | 6.3_base | |
| cisco | telepresence_tc_software | 7.2_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94C1BE25-C013-474A-AAAF-B978A781A8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "583F9A48-26EC-46C5-92D8-EB6D897DA667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E120C710-F9E2-471F-A5FD-E6B805F39871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F633CE-62D7-4731-88BE-DEA5165CF5B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "974D9FF9-A0EA-4F49-863E-4458638E9129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "BF99E657-F09A-42E0-B404-6583D18C7882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94A7425C-81B4-4263-9C84-1117228EFD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9645A3-DAAA-45B0-98E8-81D65E8E944C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE7FFEC-7339-48F1-9413-D751565D9DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1F3C1E-DF98-41FB-B48D-B423989182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A4419044-A799-459F-ABE1-C44A928221DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B924E4-442D-4F1C-954B-745235B3C896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "79011B2C-E3D9-4258-A1B8-941DAC04D0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:6.3_base:*:*:*:*:*:*:*",
"matchCriteriaId": "D385E100-3809-4257-9CD0-379EE1BDF584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:telepresence_tc_software:7.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC46370-9EC4-4318-9665-A311763A17C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980."
},
{
"lang": "es",
"value": "Vulnerabilidad de la redirecci\u00f3n abierta en la p\u00e1gina de login en Cisco TC Software anterior a 6.3-26 y 7.x anterior a 7.3.0 en dispositivos Cisco TelePresence Collaboration Desk and Room Endpoints permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y llevar a cabo ataques de phishing a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq94980."
}
],
"id": "CVE-2015-0697",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-04-15T10:59:03.533",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032136"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0696
Vulnerability from fkie_nvd - Published: 2015-04-15 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=38349 | Vendor Advisory | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032137 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=38349 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032137 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 6.0.0 | |
| cisco | telepresence_tc_software | 6.0.0-cucm | |
| cisco | telepresence_tc_software | 6.0.1 | |
| cisco | telepresence_tc_software | 6.0.1-cucm | |
| cisco | telepresence_tc_software | 6.0.2 | |
| cisco | telepresence_tc_software | 6.0_base | |
| cisco | telepresence_tc_software | 6.1.0 | |
| cisco | telepresence_tc_software | 6.1.0-cucm | |
| cisco | telepresence_tc_software | 6.1.1 | |
| cisco | telepresence_tc_software | 6.1.1-cucm | |
| cisco | telepresence_tc_software | 6.1.2 | |
| cisco | telepresence_tc_software | 6.1.2-cucm | |
| cisco | telepresence_tc_software | 6.1_base | |
| cisco | telepresence_tc_software | 6.3_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9056D02-E7C8-47B3-8CEF-E485CA6EC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "70496628-EF39-4E54-BC9E-E2D9BDC00C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E50B4A0E-7851-4C1A-AAA7-2E4EF655056D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "01392813-2BC7-4A4E-AF57-443E886E2643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "33CFCB77-65F1-48BF-8057-1F9C56BF7DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "9D68BFBE-50A4-4565-BCDA-29BF2B5B962C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*",
"matchCriteriaId": "4C12DD1C-DF28-4B4B-93FB-6E346D810BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "62C20678-F9B0-488C-B1B4-C04005F5E3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3_base:*:*:*:*:*:*:*",
"matchCriteriaId": "BB60A756-C606-4CE6-8C6A-3D51E8C34E41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la p\u00e1gina de login en Cisco TC Software anterior a 7.1.0 en dispositivos Cisco TelePresence Collaboration Desk and Room Endpoints permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq94977."
}
],
"id": "CVE-2015-0696",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-04-15T10:59:02.423",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032137"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2163
Vulnerability from fkie_nvd - Published: 2014-05-02 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_tc_software | 4.0.0 | |
| cisco | telepresence_tc_software | 4.0.1 | |
| cisco | telepresence_tc_software | 4.0.4 | |
| cisco | telepresence_tc_software | 4.1.1 | |
| cisco | telepresence_tc_software | 4.1.2 | |
| cisco | telepresence_tc_software | 4.2.0 | |
| cisco | telepresence_tc_software | 4.2.1 | |
| cisco | telepresence_tc_software | 4.2.2 | |
| cisco | telepresence_tc_software | 4.2.3 | |
| cisco | telepresence_tc_software | 4.2.4 | |
| cisco | telepresence_tc_software | 5.0.0 | |
| cisco | telepresence_tc_software | 5.0.1 | |
| cisco | telepresence_tc_software | 5.0.2 | |
| cisco | telepresence_tc_software | 5.1.0 | |
| cisco | telepresence_tc_software | 5.1.1 | |
| cisco | telepresence_tc_software | 5.1.2 | |
| cisco | telepresence_tc_software | 5.1.3 | |
| cisco | telepresence_tc_software | 5.1.4 | |
| cisco | telepresence_tc_software | 5.1.5 | |
| cisco | telepresence_tc_software | 5.1.6 | |
| cisco | telepresence_tc_software | 5.1.7 | |
| cisco | telepresence_te_software | 4.1.0 | |
| cisco | telepresence_te_software | 4.1.1 | |
| cisco | telepresence_te_software | 4.1.2 | |
| cisco | telepresence_te_software | 4.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E492709-66DB-4491-AC15-550398099903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88A64CA3-C8E8-4DCB-B865-1767EE178F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4C16D2-4FFC-45C5-B3D8-26EF76482B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02184B87-A8D9-4445-A6FC-F1F5DDE0DBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEFCD2A-167A-4897-BF94-42876763F38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961."
},
{
"lang": "es",
"value": "La implementaci\u00f3n SIP en Cisco TelePresence TC Software 4.x y 5.x y TE Software 4.x permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de paquetes SIP manipulados, tambi\u00e9n conocido como Bug ID CSCua64961."
}
],
"id": "CVE-2014-2163",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-02T10:55:08.180",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2168
Vulnerability from fkie_nvd - Published: 2014-05-02 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | telepresence_te_software | 4.1.0 | |
| cisco | telepresence_te_software | 4.1.1 | |
| cisco | telepresence_te_software | 4.1.2 | |
| cisco | telepresence_te_software | 4.1.3 | |
| cisco | telepresence_te_software | 6.0 | |
| cisco | telepresence_tc_software | 4.0.0 | |
| cisco | telepresence_tc_software | 4.0.1 | |
| cisco | telepresence_tc_software | 4.0.4 | |
| cisco | telepresence_tc_software | 4.1.1 | |
| cisco | telepresence_tc_software | 4.1.2 | |
| cisco | telepresence_tc_software | 4.2.0 | |
| cisco | telepresence_tc_software | 4.2.1 | |
| cisco | telepresence_tc_software | 4.2.2 | |
| cisco | telepresence_tc_software | 4.2.3 | |
| cisco | telepresence_tc_software | 4.2.4 | |
| cisco | telepresence_tc_software | 5.0.0 | |
| cisco | telepresence_tc_software | 5.0.1 | |
| cisco | telepresence_tc_software | 5.0.2 | |
| cisco | telepresence_tc_software | 5.1.0 | |
| cisco | telepresence_tc_software | 5.1.1 | |
| cisco | telepresence_tc_software | 5.1.2 | |
| cisco | telepresence_tc_software | 5.1.3 | |
| cisco | telepresence_tc_software | 5.1.4 | |
| cisco | telepresence_tc_software | 5.1.5 | |
| cisco | telepresence_tc_software | 5.1.6 | |
| cisco | telepresence_tc_software | 5.1.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1568AF81-D676-448F-A64D-561E8F7DD874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E492709-66DB-4491-AC15-550398099903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88A64CA3-C8E8-4DCB-B865-1767EE178F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4C16D2-4FFC-45C5-B3D8-26EF76482B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02184B87-A8D9-4445-A6FC-F1F5DDE0DBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEFCD2A-167A-4897-BF94-42876763F38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Cisco TelePresence TC Software 4.x y 5.x y TE Software 4.x y 6.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquetes de respuesta DNS manipulados, tambi\u00e9n conocido como Bug ID CSCty44804."
}
],
"id": "CVE-2014-2168",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-02T10:55:08.287",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2171
Vulnerability from fkie_nvd - Published: 2014-05-02 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1568AF81-D676-448F-A64D-561E8F7DD874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2083FC5B-B24C-49C9-B44B-29C9F9A27BD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E492709-66DB-4491-AC15-550398099903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88A64CA3-C8E8-4DCB-B865-1767EE178F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4C16D2-4FFC-45C5-B3D8-26EF76482B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02184B87-A8D9-4445-A6FC-F1F5DDE0DBDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEFCD2A-167A-4897-BF94-42876763F38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Cisco TelePresence TC Software 4.x hasta 6.x hasta 6.0.1 y TE Software 4.x y 6.0.x anterior a 6.0.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquetes SIP manipulados, tambi\u00e9n conocido como Bug ID CSCud81796."
}
],
"id": "CVE-2014-2171",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-02T10:55:08.367",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-6648 (GCVE-0-2017-6648)
Vulnerability from cvelistv5 – Published: 2017-06-08 13:00 – Updated: 2024-08-05 15:33
VLAI?
Summary
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco TelePresence Endpoint Denial of Service Vulnerability |
Affected:
Cisco TelePresence Endpoint Denial of Service Vulnerability
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco TelePresence Endpoint Denial of Service Vulnerability",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco TelePresence Endpoint Denial of Service Vulnerability"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco TelePresence Endpoint Denial of Service Vulnerability",
"version": {
"version_data": [
{
"version_value": "Cisco TelePresence Endpoint Denial of Service Vulnerability"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6648",
"datePublished": "2017-06-08T13:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:33:20.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6459 (GCVE-0-2016-6459)
Vulnerability from cvelistv5 – Published: 2016-11-19 02:45 – Updated: 2024-08-06 01:29
VLAI?
Summary
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0.
Severity ?
No CVSS data available.
CWE
- unspecified
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco TelePresence CE and TC 8.1.x |
Affected:
Cisco TelePresence CE and TC 8.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037187"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco TelePresence CE and TC 8.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco TelePresence CE and TC 8.1.x"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037187"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco TelePresence CE and TC 8.1.x",
"version": {
"version_data": [
{
"version_value": "Cisco TelePresence CE and TC 8.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037187"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6459",
"datePublished": "2016-11-19T02:45:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1387 (GCVE-0-2016-1387)
Vulnerability from cvelistv5 – Published: 2016-05-05 21:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1387",
"datePublished": "2016-05-05T21:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4271 (GCVE-0-2015-4271)
Vulnerability from cvelistv5 – Published: 2015-07-15 18:00 – Updated: 2024-08-06 06:11
VLAI?
Summary
Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4271",
"datePublished": "2015-07-15T18:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0770 (GCVE-0-2015-0770)
Vulnerability from cvelistv5 – Published: 2015-06-07 18:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032511",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032511",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032511",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0770",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0722 (GCVE-0-2015-0722)
Vulnerability from cvelistv5 – Published: 2015-05-25 00:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-25T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0722",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0722",
"datePublished": "2015-05-25T00:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2174 (GCVE-0-2014-2174)
Vulnerability from cvelistv5 – Published: 2015-05-25 00:00 – Updated: 2024-08-06 10:05
VLAI?
Summary
Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-25T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2174",
"datePublished": "2015-05-25T00:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0696 (GCVE-0-2015-0696)
Vulnerability from cvelistv5 – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0696",
"datePublished": "2015-04-15T10:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0697 (GCVE-0-2015-0697)
Vulnerability from cvelistv5 – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032136",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0697",
"datePublished": "2015-04-15T10:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6648 (GCVE-0-2017-6648)
Vulnerability from nvd – Published: 2017-06-08 13:00 – Updated: 2024-08-05 15:33
VLAI?
Summary
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco TelePresence Endpoint Denial of Service Vulnerability |
Affected:
Cisco TelePresence Endpoint Denial of Service Vulnerability
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco TelePresence Endpoint Denial of Service Vulnerability",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco TelePresence Endpoint Denial of Service Vulnerability"
}
]
}
],
"datePublic": "2017-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco TelePresence Endpoint Denial of Service Vulnerability",
"version": {
"version_data": [
{
"version_value": "Cisco TelePresence Endpoint Denial of Service Vulnerability"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele"
},
{
"name": "98934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98934"
},
{
"name": "1038624",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6648",
"datePublished": "2017-06-08T13:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:33:20.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6459 (GCVE-0-2016-6459)
Vulnerability from nvd – Published: 2016-11-19 02:45 – Updated: 2024-08-06 01:29
VLAI?
Summary
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0.
Severity ?
No CVSS data available.
CWE
- unspecified
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco TelePresence CE and TC 8.1.x |
Affected:
Cisco TelePresence CE and TC 8.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037187"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco TelePresence CE and TC 8.1.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco TelePresence CE and TC 8.1.x"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037187"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco TelePresence CE and TC 8.1.x",
"version": {
"version_data": [
{
"version_value": "Cisco TelePresence CE and TC 8.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tp"
},
{
"name": "94075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94075"
},
{
"name": "1037187",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037187"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6459",
"datePublished": "2016-11-19T02:45:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1387 (GCVE-0-2016-1387)
Vulnerability from nvd – Published: 2016-05-05 21:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160504 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml"
},
{
"name": "1035744",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1387",
"datePublished": "2016-05-05T21:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4271 (GCVE-0-2015-4271)
Vulnerability from nvd – Published: 2015-07-15 18:00 – Updated: 2024-08-06 06:11
VLAI?
Summary
Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:12.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032931"
},
{
"name": "20150714 Cisco TelePresence Integrator C Series Multiple Request Parameter Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39880"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4271",
"datePublished": "2015-07-15T18:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:12.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0770 (GCVE-0-2015-0770)
Vulnerability from nvd – Published: 2015-06-07 18:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032511",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032511",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032511",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032511"
},
{
"name": "20150605 Cisco TelePresence SX20 HTTP Response Splitting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0770",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0722 (GCVE-0-2015-0722)
Vulnerability from nvd – Published: 2015-05-25 00:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-25T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0722",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0722",
"datePublished": "2015-05-25T00:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2174 (GCVE-0-2014-2174)
Vulnerability from nvd – Published: 2015-05-25 00:00 – Updated: 2024-08-06 10:05
VLAI?
Summary
Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-25T00:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150513 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2174",
"datePublished": "2015-05-25T00:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0696 (GCVE-0-2015-0696)
Vulnerability from nvd – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq94977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38349"
},
{
"name": "1032137",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0696",
"datePublished": "2015-04-15T10:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0697 (GCVE-0-2015-0697)
Vulnerability from nvd – Published: 2015-04-15 10:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1032136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032136",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032136"
},
{
"name": "20150414 Cisco TelePresence Collaboration Desk and Room Endpoints HTML Redirect Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38350"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0697",
"datePublished": "2015-04-15T10:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}