fkie_cve-2015-0713
Vulnerability from fkie_nvd
Published
2015-05-25 00:59
Modified
2024-11-21 02:23
Severity ?
Summary
The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tpVendor Advisory
Impacted products
Vendor Product Version
cisco telepresence_advanced_media_gateway 1.0\(.1.13\)
cisco telepresence_advanced_media_gateway 1.1\(.1.14\)
cisco telepresence_advanced_media_gateway 1.1\(1.34\)
cisco telepresence_ip_gateway 2.0.1.7
cisco telepresence_ip_gateway 2.0.1.11
cisco telepresence_ip_gateway 2.0.3.34
cisco telepresence_ip_vcr_1.0_converter 1.0\(1.9\)
cisco telepresence_ip_vcr_2.4 1.2
cisco telepresence_ip_vcr_3.0 1.22
cisco telepresence_ip_vcr_3.0 1.24
cisco telepresence_isdn_gw_3241 2.0\(1.51\)
cisco telepresence_isdn_gw_3241 2.1\(1.22\)
cisco telepresence_isdn_gw_3241 2.1\(1.43\)
cisco telepresence_isdn_gw_3241 2.1\(1.49\)
cisco telepresence_isdn_gw_3241 2.1\(1.56\)
cisco telepresence_mcu_software 4.1\(1.51\)
cisco telepresence_mcu_software 4.1\(1.59\)
cisco telepresence_mcu_software 4.2\(1.43\)
cisco telepresence_mcu_software 4.2\(1.46\)
cisco telepresence_mcu_software 4.2\(1.50\)
cisco telepresence_mcu_software 4.3\(1.68\)
cisco telepresence_mcu_software 4.3\(2.18\)
cisco telepresence_mcu_software 4.3\(2.30\)
cisco telepresence_mcu_software 4.3\(2.32\)
cisco telepresence_mcu_software 4.4\(3.42\)
cisco telepresence_mcu_software 4.4\(3.49\)
cisco telepresence_serial_gateway 1.0.1.23
cisco telepresence_serial_gateway 1.0.1.34
cisco telepresence_serial_gateway 1.0.1.38
cisco telepresence_server_software 2.1\(1.33\)
cisco telepresence_server_software 2.1\(1.37\)
cisco telepresence_server_software 2.2\(1.43\)
cisco telepresence_server_software 2.2\(1.48\)
cisco telepresence_server_software 2.2\(1.54\)
cisco telepresence_server_software 2.3\(1.55\)
cisco telepresence_server_software 2.3\(1.57\)
cisco telepresence_server_software 3.0\(2.24\)
cisco telepresence_server_software 4.0\(1.57\)
cisco telepresence_server_software 4.0\(2.8\)
cisco telepresence_supervisor_mse_8050_software 2.1\(1.18\)
cisco telepresence_supervisor_mse_8050_software 2.2\(1.17\)
cisco telepresence_supervisor_mse_8050_software 2.3\(1.32\)


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.0\\(.1.13\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "02365039-7794-4A7C-B48F-AFEBAE929B7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(.1.14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C6AB701-BFBA-4199-83AC-F5D39C56FEAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(1.34\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D7FE013A-292B-46D7-80BE-3B26FBD05D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D7B8A87-18A3-4F9A-80CA-531F8FD34EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA75EBD3-C348-4175-AE49-C1F43168E591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.3.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5E5CB75-06D2-47DD-A435-1CD7887B4143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_1.0_converter:1.0\\(1.9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A83850D3-C59D-4170-A5E1-4F9AFF068EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_2.4:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "03952191-EEBA-434B-B38A-D4470731F74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A280285-5B92-4518-8432-919654B0C34B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B466E73-B28C-4AE1-8830-3D7ECAFDE34B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.0\\(1.51\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E8415303-8D7D-4E37-ACD0-6E6011D2B8CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.22\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A30919-F651-4018-BE0F-71AF8C56BABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.43\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE00AF4-76FD-42E4-A0FC-6E1534282C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.49\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A3CF3A-6068-4D5D-BCDA-77B201E28800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.56\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0C9E2011-B794-485A-93C6-EFDE17C98DD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.51\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A0E502-987C-4BB3-BB30-4E46128D73EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.59\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F653E6-270B-4BFF-8F26-2CD4A3B6F60D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.43\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B3EFEACC-766F-4479-A69E-389D0448A44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.46\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BF1356C5-A6BC-4D1F-A640-0E0D568797AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.50\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C844842F-45CF-43DC-84DA-C52AEB40E54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(1.68\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C20EAA-687B-4531-91EB-C1B835A6C0BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "970A98BD-0018-44E2-B4AA-5715B383EB29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.30\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BB0C1257-037A-4FED-8FAC-F39169A1D0B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.32\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D5FC7CE6-D1BE-4E78-9727-39AED8E04306",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.42\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F47D2C63-FA7A-4993-A44B-7DE1F9158EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.49\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2C75377B-0CB7-461C-A857-1CC9BB394B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "75DB1C8C-C9E5-4C83-B524-3E71B1FAACF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "63549A00-A34D-4A7E-A38C-6470EBBB0A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D964BE9-A3B7-46D6-BBC6-0DBF0F13B91A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.33\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4987F125-01CF-4D17-AF4C-E1F4BB977039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.37\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EB6EAFBB-5B0A-43E0-A7A7-8B2C17033301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.43\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B029054E-5575-40DA-B9C0-C45A0E938D8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.48\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8B4263AB-2AE2-418D-AFD1-FAA4CF46DE41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.54\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D93A770A-3B67-4F27-B695-50F0430AFB03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8E87AF-FAC5-419F-80DF-02EF48485990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.57\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5488C8-1B72-41D5-B346-1C27B529BAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.24\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CE67D1A0-522A-4FEB-A59E-27D8E8FA3196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(1.57\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "71B3BA0E-F4D1-484D-987D-F96DD3DECDB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(2.8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "28A70BA8-B132-4EAC-A9C5-706B5BE7D837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.1\\(1.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE3300B-EB67-43E2-B124-6BAFD8AE2AA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.2\\(1.17\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1F6C244B-DFCE-4E17-B13D-2DBB7053D0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.3\\(1.32\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "555E1314-2954-4D81-8BFB-298CE9891106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855."
    },
    {
      "lang": "es",
      "value": "El Framework web en Cisco TelePresence Advanced Media Gateway Series Software anterior a 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software anterior a 3.0(1.27), Cisco TelePresence ISDN Gateway Software anterior a 2.2(1.94), Cisco TelePresence MCU Software anterior a 4.4(3.54) y 4.5 anterior a 4.5(1.45), Cisco TelePresence MSE Supervisor Software anterior a 2.3(1.38), Cisco TelePresence Serial Gateway Series Software anterior a 1.0(1.42), Cisco TelePresence Server Software for Hardware anterior a 3.1(1.98), y Cisco TelePresence Server Software for Virtual Machine anterior a 4.1(1.79) permite a usuarios remotos autenticados ejecutar comandos arbitrarios con privilegios root a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, y CSCur15855."
    }
  ],
  "id": "CVE-2015-0713",
  "lastModified": "2024-11-21T02:23:35.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-05-25T00:59:01.357",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tp"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.