Lucene search

[email protected]CVE-2014-0661

HistoryJan 22, 2014 - 9:55 p.m.

CVE-2014-0661

2014-01-2221:55:03

CWE-94

[email protected]

web.nvd.nist.gov

cve-2014-0661

sscd

cisco telepresence system

remote code execution

xml-rpc

stack memory corruption

denial of service

nvd

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.5%

JSON

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.

Affected configurations

NVD

Node

ciscotelepresence_system_softwareRange≤1.10.1\(43\)

ciscotelepresence_system_softwareMatch1.5.10\(3648\)

ciscotelepresence_system_softwareMatch1.7.5\(42\)

ciscotelepresence_system_softwareMatch1.7.6\(4\)

ciscotelepresence_system_softwareMatch1.8.0\(55\)

ciscotelepresence_system_softwareMatch1.8.1\(34\)

ciscotelepresence_system_softwareMatch1.8.2\(11\)

ciscotelepresence_system_softwareMatch1.8.3\(4\)

ciscotelepresence_system_softwareMatch1.8.4\(13\)

ciscotelepresence_system_softwareMatch1.8.5\(4\)

ciscotelepresence_system_softwareMatch1.9.0\(46\)

ciscotelepresence_system_softwareMatch1.9.1\(68\)

ciscotelepresence_system_softwareMatch1.9.2\(19\)

ciscotelepresence_system_softwareMatch1.9.3\(44\)

ciscotelepresence_system_softwareMatch1.9.4\(19\)

ciscotelepresence_system_softwareMatch1.9.5\(7\)

ciscotelepresence_system_softwareMatch1.9.6\(2\)

ciscotelepresence_system_softwareMatch1.9.6.1\(3\)

ciscotelepresence_system_softwareMatch1.10.0

ciscotelepresence_system_softwareMatch1.10.0\(259\)

ciscotelepresence_system_softwareMatch1.10.1

AND

ciscotelepresence_system_1000Match-

ciscotelepresence_system_1300-65Match-

ciscotelepresence_system_3000

ciscotelepresence_system_3010

ciscotelepresence_system_3200

ciscotelepresence_system_3210

ciscotelepresence_system_500-37Match-

Node

ciscotelepresence_system_softwareRange≤6.0.3\(33\)

ciscotelepresence_system_softwareMatch6.0.0.1\(4\)

ciscotelepresence_system_softwareMatch6.0.1\(50\)

ciscotelepresence_system_softwareMatch6.0.2\(28\)

ciscotelepresence_system_softwareMatch6.1.0\(90\)

AND

ciscotelepresence_system_1100Match-

ciscotelepresence_system_500-32Match-

ciscotelepresence_system_tx1300_47

ciscotelepresence_system_tx1310_65

ciscotelepresence_system_tx9000

ciscotelepresence_system_tx9200

CPENameOperatorVersion
cisco:telepresence_system_softwarecisco telepresence system softwarele1.10.1\(43\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.5.10\(3648\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.7.5\(42\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.7.6\(4\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.0\(55\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.1\(34\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.2\(11\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.3\(4\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.4\(13\)
cisco:telepresence_system_softwarecisco telepresence system softwareeq1.8.5\(4\)

CPE	Name	Operator	Version
cisco:telepresence_system_software	cisco telepresence system software	le	1.10.1\(43\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.5.10\(3648\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.7.5\(42\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.7.6\(4\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.0\(55\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.1\(34\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.2\(11\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.3\(4\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.4\(13\)
cisco:telepresence_system_software	cisco telepresence system software	eq	1.8.5\(4\)