CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
91.1%
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_recording_server_software | 1.6.1 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.2 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.3 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.7.0 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.0:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.7.1 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.7.1:*:*:*:*:*:*:* |
cisco | telepresence_recording_server | * | cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:* |