CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
78.1%
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_recording_server_software | 1.6.1 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.2 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.3 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:* |
cisco | telepresence_recording_server | * | cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:* |