Lucene search
CiscoCVE-2015-0660HistoryMar 14, 2015 - 1:59 a.m.
CVE-2015-0660
2015-03-1401:59:09
CWE-284
cisco
web.nvd.nist.gov
35
cisco
telepresence
server
software
local users
arbitrary commands
root access
serial port
security vulnerability
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0
Percentile
5.1%
Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123.
Affected configurations
Node
ciscotelepresence_server_software
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_server_software | * | cpe:2.3:a:cisco:telepresence_server_software:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2015-03-14 01:59:00
cisco
cisco
cvelist
cvelist
CVE-2015-0660
2015-03-14 01:00:00
nvd
nvd
CVE-2015-0660
2015-03-14 01:59:09
kaspersky
kaspersky
KLA10504 Multiple vulnerabilities in Cisco products
2015-03-19 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2015-0660