Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in Cisco TelePresence Manager

cisco-sa-20110223-telepresence-ctsman · Critical · Published · Updated

Multiple vulnerabilities exist in the Cisco TelePresence Manager. This security advisory outlines the details of the following vulnerabilities: Simple Object Access Protocol (SOAP) Authentication Bypass Java Remote Method Invocation (RMI) Command Injection Cisco Discovery Protocol Remote Code Execution Duplicate Issue Identification in Other Cisco TelePresence Advisories The Cisco Discovery Protocol remote code execution vulnerability affects Cisco TelePresence endpoints, Manager, Multipoint Switch, and Recording Server. The details about how the defect relates to each component are covered in each associated advisory. The Cisco bug IDs for these defects are as follows: Cisco TelePresence endpoint devices - CSCtd75754 Cisco TelePresence Manager - CSCtd75761 Cisco TelePresence Multipoint Switch - CSCtd75766 Cisco TelePresence Recording Server - CSCtd75769 This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110223-telepresence-ctsman.

Cisco advisory · CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2011-0380, CVE-2011-0381, CVE-2011-0390
Cisco Bug IDsNA
CVSS ScoreBase 7.5
Base 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:U/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco TelePresence

Related Products

Product CVE Evidence
Cisco TelePresence Recording Server CVE-2011-0390 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0381 Cisco OpenVuln
Cisco TelePresence Recording Server CVE-2011-0380 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0390 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0381 Cisco OpenVuln
Cisco TelePresence Multipoint Switch CVE-2011-0380 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0390 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0381 Cisco OpenVuln
Cisco TelePresence Manager CVE-2011-0380 Cisco OpenVuln
Cisco TelePresence CVE-2011-0390 Cisco OpenVuln
Cisco TelePresence CVE-2011-0381 Cisco OpenVuln
Cisco TelePresence CVE-2011-0380 Cisco OpenVuln