CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
90.7%
The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_recording_server_software | 1.6.1 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.2 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.3 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:* |
cisco | telepresence_recording_server | * | cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.0.4.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.1 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.2 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.5.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.5.1 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:* |