Lucene search

K

[email protected]NVD:CVE-2013-3379

HistoryJun 21, 2013 - 1:57 p.m.

CVE-2013-3379

2013-06-2113:57:25

CWE-264

[email protected]

web.nvd.nist.gov

1

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.6%

The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.

Affected configurations

NVD

Node

ciscotelepresence_tc_softwareRange≤4.1.2

OR

ciscotelepresence_tc_softwareMatch4.0.0

OR

ciscotelepresence_tc_softwareMatch4.0.1

OR

ciscotelepresence_tc_softwareMatch4.0.4

OR

ciscotelepresence_tc_softwareMatch4.1.1

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

39.6%

Related for NVD:CVE-2013-3379

prion1 nessus1 cvelist1 cve1 cisco1 securityvulns1