CVE-2011-0384

2011-02-2512:00:18

CWE-287

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253.

Affected configurations

Nvd

Node

ciscotelepresence_multipoint_switch_softwareMatch1.0.4.0

ciscotelepresence_multipoint_switch_softwareMatch1.1.0

ciscotelepresence_multipoint_switch_softwareMatch1.1.1

ciscotelepresence_multipoint_switch_softwareMatch1.1.2

ciscotelepresence_multipoint_switch_softwareMatch1.5.0

ciscotelepresence_multipoint_switch_softwareMatch1.5.1

ciscotelepresence_multipoint_switch_softwareMatch1.5.2

ciscotelepresence_multipoint_switch_softwareMatch1.5.3

ciscotelepresence_multipoint_switch_softwareMatch1.5.4

ciscotelepresence_multipoint_switch_softwareMatch1.5.5

ciscotelepresence_multipoint_switch_softwareMatch1.5.6

ciscotelepresence_multipoint_switch_softwareMatch1.6.0

ciscotelepresence_multipoint_switch_softwareMatch1.6.1

ciscotelepresence_multipoint_switch_softwareMatch1.6.2

ciscotelepresence_multipoint_switch_softwareMatch1.6.3

ciscotelepresence_multipoint_switch_softwareMatch1.6.4

AND

ciscotelepresence_multipoint_switch

VendorProductVersionCPE
ciscotelepresence_multipoint_switch_software1.0.4.0cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.1.0cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.1.1cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.1.2cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.0cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.1cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.2cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.3cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.4cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:*:*:*:*:*:*:*
ciscotelepresence_multipoint_switch_software1.5.5cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_multipoint_switch_software	1.0.4.0	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:::::::*
cisco	telepresence_multipoint_switch_software	1.1.0	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:::::::*
cisco	telepresence_multipoint_switch_software	1.1.1	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:::::::*
cisco	telepresence_multipoint_switch_software	1.1.2	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:::::::*
cisco	telepresence_multipoint_switch_software	1.5.0	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:::::::*
cisco	telepresence_multipoint_switch_software	1.5.1	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:::::::*
cisco	telepresence_multipoint_switch_software	1.5.2	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.2:::::::*
cisco	telepresence_multipoint_switch_software	1.5.3	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.3:::::::*
cisco	telepresence_multipoint_switch_software	1.5.4	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.4:::::::*
cisco	telepresence_multipoint_switch_software	1.5.5	cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.5:::::::*