Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices

cisco-sa-20110223-telepresence-cts · Critical · Published · Updated

Multiple vulnerabilities exist in the Cisco TelePresence solution; each component of the solution is addressed independently in its own advisory. This advisory addresses Cisco TelePresence endpoint devices and details the following vulnerabilities: Unauthenticated Common Gateway Interface (CGI) Access CGI Command Injection TFTP Information Disclosure Malicious IP Address Injection XML-Remote Procedure Call (RPC) Command Injection Cisco Discovery Protocol Remote Code Execution Duplicate Issue Identification in Other Cisco TelePresence Advisories The Cisco Discovery Protocol Remote Code Execution vulnerability affects Cisco TelePresence endpoint devices, Manager, Multipoint Switch, and Recording Server. The defect that is related to each component is covered in each associated advisory. The Cisco bug IDs for these defects are as follows: Cisco TelePresence endpoint devices (CSCtd75754) Cisco TelePresence Manager (CSCtd75761) Cisco TelePresence Multipoint Switch (CSCtd75766) Cisco TelePresence Recording Server (CSCtd75769) This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110223-telepresence-cts.

Cisco advisory · CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2011-0372, CVE-2011-0373, CVE-2011-0374, CVE-2011-0375, CVE-2011-0376, CVE-2011-0377, CVE-2011-0378, CVE-2011-0379
Cisco Bug IDsNA
CVSS ScoreBase 10.0
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco TelePresence

Related Products

Product CVE Evidence
Cisco TelePresence Recording Server CVE-2011-0379 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0378 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0377 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0376 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0375 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0374 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0373 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0372 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0379 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0378 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0377 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0376 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0375 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0374 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0373 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0372 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0379 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0378 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0377 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0376 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0375 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0374 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0373 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0372 Cisco OpenVuln
Cisco TelePresence CVE-2011-0379 Cisco OpenVuln
Cisco TelePresence CVE-2011-0378 Cisco OpenVuln
Cisco TelePresence CVE-2011-0377 Cisco OpenVuln
Cisco TelePresence CVE-2011-0376 Cisco OpenVuln
Cisco TelePresence CVE-2011-0375 Cisco OpenVuln
Cisco TelePresence CVE-2011-0374 Cisco OpenVuln
Cisco TelePresence CVE-2011-0373 Cisco OpenVuln
Cisco TelePresence CVE-2011-0372 Cisco OpenVuln