VAR-201505-0131
Vulnerability from variot - Updated: 2023-12-18 13:44The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. plural Cisco TelePresence Product Web The framework includes root A vulnerability exists that allows arbitrary commands to be executed with privileges. Vendors have confirmed this vulnerability Bug ID CSCul55968 , CSCur08993 , CSCur15803 , CSCur15807 , CSCur15825 , CSCur15832 , CSCur15842 , CSCur15850 ,and CSCur15855 It is released as.By a remotely authenticated user root An arbitrary command may be executed with authority. Multiple Cisco TelePresence Products are prone to a remote command-injection vulnerability because it fails to properly sanitize user-supplied input. This issue is being tracked by Cisco Bug IDs CSCur15855, CSCur15842, CSCul55968, CSCur15832, CSCur15825, CSCur15807, CSCur15850, CSCur15803, and CSCur08993. are all products of Cisco (Cisco)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0131",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telepresence ip vcr 2.4",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "telepresence ip gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.0.3.34"
},
{
"model": "telepresence supervisor mse 8050 software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2\\(1.17\\)"
},
{
"model": "telepresence ip gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.0.1.11"
},
{
"model": "telepresence advanced media gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(.1.14\\)"
},
{
"model": "telepresence ip gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.0.1.7"
},
{
"model": "telepresence advanced media gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(1.34\\)"
},
{
"model": "telepresence supervisor mse 8050 software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.3\\(1.32\\)"
},
{
"model": "telepresence isdn gw 3241",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.1\\(1.56\\)"
},
{
"model": "telepresence serial gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.0.1.23"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1.51\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2\\(1.54\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3\\(2.30\\)"
},
{
"model": "telepresence isdn gw 3241",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.49\\)"
},
{
"model": "telepresence supervisor mse 8050 software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.18\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(3.49\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1.46\\)"
},
{
"model": "telepresence ip vcr 3.0",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.24"
},
{
"model": "telepresence serial gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.1.38"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3\\(1.57\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.33\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(3.42\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(1.59\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1.50\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.37\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(1.57\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3\\(2.18\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3\\(1.68\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0\\(2.8\\)"
},
{
"model": "telepresence advanced media gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0\\(.1.13\\)"
},
{
"model": "telepresence isdn gw 3241",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.22\\)"
},
{
"model": "telepresence isdn gw 3241",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1\\(1.43\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3\\(2.32\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0\\(2.24\\)"
},
{
"model": "telepresence ip vcr 1.0 converter",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0\\(1.9\\)"
},
{
"model": "telepresence serial gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.1.34"
},
{
"model": "telepresence isdn gw 3241",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1.51\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3\\(1.55\\)"
},
{
"model": "telepresence ip vcr 3.0",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.22"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2\\(1.43\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2\\(1.48\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1.43\\)"
},
{
"model": "telepresence mcu software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "telepresence ip gateway series software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5(1.45)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.33\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.24\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.57\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(2.8\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.50\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.30\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.56\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.3\\(1.32\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.0\\(.1.13\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(1.34\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.3.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.43\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(1.68\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.42\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.59\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.1\\(1.18\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.37\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.43\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.48\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.54\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.32\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.49\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.0\\(1.51\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.22\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.43\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_vcr_2.4:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.55\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(1.57\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.51\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.46\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.18\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.49\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.2\\(1.17\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(.1.14\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_vcr_1.0_converter:1.0\\(1.9\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0713"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "74638"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0713",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-0713",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-78659",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0713",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-238",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-78659",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. plural Cisco TelePresence Product Web The framework includes root A vulnerability exists that allows arbitrary commands to be executed with privileges. Vendors have confirmed this vulnerability Bug ID CSCul55968 , CSCur08993 , CSCur15803 , CSCur15807 , CSCur15825 , CSCur15832 , CSCur15842 , CSCur15850 ,and CSCur15855 It is released as.By a remotely authenticated user root An arbitrary command may be executed with authority. Multiple Cisco TelePresence Products are prone to a remote command-injection vulnerability because it fails to properly sanitize user-supplied input. \nThis issue is being tracked by Cisco Bug IDs CSCur15855, CSCur15842, CSCul55968, CSCur15832, CSCur15825, CSCur15807, CSCur15850, CSCur15803, and CSCur08993. are all products of Cisco (Cisco)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "BID",
"id": "74638"
},
{
"db": "VULHUB",
"id": "VHN-78659"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0713",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "64498",
"trust": 0.6
},
{
"db": "BID",
"id": "74638",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-78659",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78659"
},
{
"db": "BID",
"id": "74638"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"id": "VAR-201505-0131",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-78659"
}
],
"trust": 0.6977272649999999
},
"last_update_date": "2023-12-18T13:44:20.397000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20150513-tp",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150513-tp"
},
{
"title": "38717",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38717"
},
{
"title": "cisco-sa-20150513-tp",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1129/1129380_cisco-sa-20150513-tp-j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150513-tp"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0713"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0713"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/64498"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38717"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78659"
},
{
"db": "BID",
"id": "74638"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-78659"
},
{
"db": "BID",
"id": "74638"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-25T00:00:00",
"db": "VULHUB",
"id": "VHN-78659"
},
{
"date": "2015-05-13T00:00:00",
"db": "BID",
"id": "74638"
},
{
"date": "2015-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"date": "2015-05-25T00:59:01.357000",
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-26T00:00:00",
"db": "VULHUB",
"id": "VHN-78659"
},
{
"date": "2015-05-13T00:00:00",
"db": "BID",
"id": "74638"
},
{
"date": "2015-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002797"
},
{
"date": "2015-05-26T17:47:03.403000",
"db": "NVD",
"id": "CVE-2015-0713"
},
{
"date": "2015-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco TelePresence Product Web In the framework root Vulnerability to execute arbitrary commands with privileges",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002797"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-238"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…