Lucene search

[email protected]CVE-2011-0382

HistoryFeb 25, 2011 - 12:00 p.m.

CVE-2011-0382

2011-02-2512:00:00

CWE-78

[email protected]

web.nvd.nist.gov

cisco

telepresence

recording server

cgi

command injection

vulnerability

cisco telepresence recording server

cve-2011-0382

nvd

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.4%

JSON

The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a “command injection vulnerability,” aka Bug ID CSCtf97221.

CPENameOperatorVersion
cisco:telepresence_recording_server_softwarecisco telepresence recording server softwareeq1.6.1
cisco:telepresence_recording_servercisco telepresence recording servereq*

CPE	Name	Operator	Version
cisco:telepresence_recording_server_software	cisco telepresence recording server software	eq	1.6.1
cisco:telepresence_recording_server	cisco telepresence recording server	eq	*

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml

www.securityfocus.com/bid/46522

www.securitytracker.com/id?1025114

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.4%

JSON

Related for CVE-2011-0382

prion1 cisco1 securityvulns2