[email protected]CVE-2011-0380

HistoryFeb 25, 2011 - 12:00 p.m.

CVE-2011-0380

2011-02-2512:00:00

CWE-287

[email protected]

web.nvd.nist.gov

cisco

telepresence

manager

authentication bypass

remote attackers

soap request

bug id

csctc59562

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562.

CPENameOperatorVersion
cisco:telepresence_managercisco telepresence managereq1.5.1
cisco:telepresence_managercisco telepresence managereq1.6.0
cisco:telepresence_managercisco telepresence managereq1.6.3
cisco:telepresence_managercisco telepresence managereq1.4.0
cisco:telepresence_managercisco telepresence managereq1.6.2
cisco:telepresence_managercisco telepresence managereq1.5.2
cisco:telepresence_managercisco telepresence managereq1.6.5
cisco:telepresence_managercisco telepresence managereq1.2.0.0
cisco:telepresence_managercisco telepresence managereq1.3.2

CPE	Name	Operator	Version
cisco:telepresence_manager	cisco telepresence manager	eq	1.5.1
cisco:telepresence_manager	cisco telepresence manager	eq	1.6.0
cisco:telepresence_manager	cisco telepresence manager	eq	1.6.3
cisco:telepresence_manager	cisco telepresence manager	eq	1.4.0
cisco:telepresence_manager	cisco telepresence manager	eq	1.6.2
cisco:telepresence_manager	cisco telepresence manager	eq	1.5.2
cisco:telepresence_manager	cisco telepresence manager	eq	1.6.5
cisco:telepresence_manager	cisco telepresence manager	eq	1.2.0.0
cisco:telepresence_manager	cisco telepresence manager	eq	1.3.2

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml

www.securityfocus.com/bid/46526

www.securitytracker.com/id?1025111

exchange.xforce.ibmcloud.com/vulnerabilities/65618

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVE-2011-0380

prion1 cvelist1 cisco1 securityvulns2