Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2011-0386
HistoryFeb 25, 2011 - 12:00 p.m.

CVE-2011-0386

2011-02-2512:00:18
CWE-94
cisco
web.nvd.nist.gov
28
cve-2011-0386
cisco
telepresence
recording server
xml-rpc
remote code execution
vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.03

Percentile

91.1%

JSON

The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.

Affected configurations

Nvd
Node
ciscotelepresence_recording_server_softwareMatch1.6.1
OR
ciscotelepresence_recording_server_softwareMatch1.6.2
OR
ciscotelepresence_recording_server_softwareMatch1.6.3
OR
ciscotelepresence_recording_server_softwareMatch1.7.0
OR
ciscotelepresence_recording_server_softwareMatch1.7.1
AND
ciscotelepresence_recording_server
VendorProductVersionCPE
ciscotelepresence_recording_server_software1.6.1cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:*
ciscotelepresence_recording_server_software1.6.2cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:*
ciscotelepresence_recording_server_software1.6.3cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:*
ciscotelepresence_recording_server_software1.7.0cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.0:*:*:*:*:*:*:*
ciscotelepresence_recording_server_software1.7.1cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.1:*:*:*:*:*:*:*
ciscotelepresence_recording_server*cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:*

Related

nvd 1
prion 1
cvelist 1
cisco 1
securityvulns 2
nvd
nvd
CVE-2011-0386
2011-02-25 12:00:18
prion
prion
Design/Logic Flaw
2011-02-25 12:00:00
cvelist
cvelist
CVE-2011-0386
2011-02-25 11:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco TelePresence Recording Server
2011-02-23 16:00:00
securityvulns
securityvulns
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server
2011-02-28 00:00:00
Cisco Telepresence multiple security vulnerabilities
2011-02-28 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.03

Percentile

91.1%

JSON
Related for CVE-2011-0386
nvd1prion1cvelist1cisco1securityvulns2