CVE-2011-0374

2011-02-2512:00:00

CWE-78

[email protected]

web.nvd.nist.gov

cisco

telepresence

endpoint devices

software

authenticated users

arbitrary commands

remote

command injection vulnerabilities

bug id csctb31659

cgi implementation

cve-2011-0374

7.6 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

44.1%

JSON

The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to “command injection vulnerabilities,” aka Bug ID CSCtb31659.

CPENameOperatorVersion
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.2.3
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.3.2
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.4.7
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.1
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.3
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.10
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.11
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.12
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.13
cisco:telepresence_system_1000cisco telepresence system 1000eq*

CPE	Name	Operator	Version
cisco:telepresence_system_software	cisco telepresence system software	eq	1.2.3
cisco:telepresence_system_software	cisco telepresence system software	eq	1.3.2
cisco:telepresence_system_software	cisco telepresence system software	eq	1.4.7
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.1
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.3
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.10
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.11
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.12
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.13
cisco:telepresence_system_1000	cisco telepresence system 1000	eq	*