Lucene search

[email protected]CVE-2011-4659

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-4659

2022-10-0316:15:14

CWE-264

[email protected]

web.nvd.nist.gov

cisco

telepresence

software

cisco ip

video phone e20

cve-2011-4659

remote attack

ssh session

configuration modification

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.

Affected configurations

NVD

Node

ciscotelepresence_e20_softwareRange≤te4.1.1-cucm

ciscotelepresence_e20_softwareMatchte2.2

ciscotelepresence_e20_softwareMatchte2.2.1

ciscotelepresence_e20_softwareMatchte4.0.0

ciscotelepresence_e20_softwareMatchte4.1.0

ciscotelepresence_e20_softwareMatchte4.1.1

ciscotelepresence_e20_softwareMatchtenc4.0.0

ciscotelepresence_e20_softwareMatchtenc4.1.0

ciscotelepresence_e20_softwareMatchtenc4.1.1

ciscotelepresence_e20_softwareMatchtenc4.1.1-cucm

AND

ciscoip_video_phone_e20Match-

CPENameOperatorVersion
cisco:telepresence_e20_softwarecisco telepresence e20 softwarelete4.1.1-cucm
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqte2.2
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqte2.2.1
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqte4.0.0
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqte4.1.0
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqte4.1.1
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqtenc4.0.0
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqtenc4.1.0
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqtenc4.1.1
cisco:telepresence_e20_softwarecisco telepresence e20 softwareeqtenc4.1.1-cucm

CPE	Name	Operator	Version
cisco:telepresence_e20_software	cisco telepresence e20 software	le	te4.1.1-cucm
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	te2.2
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	te2.2.1
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	te4.0.0
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	te4.1.0
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	te4.1.1
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	tenc4.0.0
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	tenc4.1.0
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	tenc4.1.1
cisco:telepresence_e20_software	cisco telepresence e20 software	eq	tenc4.1.1-cucm