CVE-2014-0661

Опубликовано: 22 янв. 2014

Источник: nvd

CVSS2: 8.3

EPSS Низкий

Описание

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.

Ссылки

http://osvdb.org/102362
http://secunia.com/advisories/56533
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts
Vendor Advisory
http://www.securityfocus.com/bid/65071
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029656
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624
http://osvdb.org/102362
http://secunia.com/advisories/56533
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts
Vendor Advisory
http://www.securityfocus.com/bid/65071
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029656
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*

Версия до 1.10.1\(43\) (включая)

cpe:2.3:a:cisco:telepresence_system_software:1.5.10\(3648\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.7.5\(42\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.7.6\(4\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.0\(55\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.1\(34\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.2\(11\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.3\(4\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.4\(13\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.8.5\(4\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.0\(46\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.1\(68\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.2\(19\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.3\(44\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.4\(19\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.5\(7\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.6\(2\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\(3\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.10.0\(259\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:cisco:telepresence_system_1000:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_1300-65:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_500-37:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*

Версия до 6.0.3\(33\) (включая)

cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\(4\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:6.0.1\(50\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:6.0.2\(28\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:6.1.0\(90\):*:*:*:*:*:*:*

Одно из

cpe:2.3:h:cisco:telepresence_system_1100:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_500-32:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04042

Низкий

8.3 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-7g4g-9h43-3xvc

github

больше 3 лет назад

EPSS

Процентиль: 88%

0.04042

Низкий

8.3 High

CVSS2

Дефекты

CWE-94