cisco-sa-20140122-cts

Cisco TelePresence System Software Command Execution Vulnerability

cisco-sa-20140122-cts · High · Published 12 years ago · Updated 12 years ago

Cisco TelePresence System Software contains a vulnerability in the System Status Collection Daemon (SSCD) code that could allow an unauthenticated, adjacent attacker to execute arbitrary commands with the privileges of the root user. Cisco has released software updates that address this vulnerability. No workarounds that mitigate this vulnerability are available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that mitigate this vulnerability.

CVEs	CVE-2014-0661
Cisco Bug IDs	CSCui32796
CVSS Score	Base 8.3 Base 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C
Product Names From Source	Cisco TelePresence System Software

Related Products

Product	CVE	Evidence
Cisco TelePresence System Software	CVE-2014-0661	Cisco OpenVuln
Cisco TelePresence	CVE-2014-0661	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco TelePresence System Software Command Execution Vulnerability

Workarounds

Related Products