CVE-2011-0374

Published Feb 25, 2011
Last updated 3 months ago
CVSS info 9.0
Overview

Description: The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-78
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5EAB196-F648-42F7-9621-9D43FA9288C1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFE7BB6D-16FF-4141-93A1-1B4EB7C1D46C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31487AA7-257C-4216-B5E5-6244FF06D00A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4062C260-C7B5-40E4-B77E-5AC1BFDB303D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9FF632-4F67-4D04-A7D9-FDDF24E22541"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27ECF70E-A6FE-4277-B02A-F0551271446B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68CC9A38-CA82-4558-BC92-0433301570E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F74C1145-E2DC-41A5-ADD8-282332124C8A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CB7370-5367-4C3E-9B0E-88A29E1E8704"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_1000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9397D7AF-428C-422C-8EB1-B7C59D567BB4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_1100:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "505B044D-2529-4605-9FD0-C6B8B534B4C3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5EAB196-F648-42F7-9621-9D43FA9288C1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFE7BB6D-16FF-4141-93A1-1B4EB7C1D46C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31487AA7-257C-4216-B5E5-6244FF06D00A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4062C260-C7B5-40E4-B77E-5AC1BFDB303D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9FF632-4F67-4D04-A7D9-FDDF24E22541"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27ECF70E-A6FE-4277-B02A-F0551271446B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68CC9A38-CA82-4558-BC92-0433301570E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F74C1145-E2DC-41A5-ADD8-282332124C8A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CB7370-5367-4C3E-9B0E-88A29E1E8704"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC14CB1A-DE5C-4877-8FFB-DF2FA1ADE176"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27ECF70E-A6FE-4277-B02A-F0551271446B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68CC9A38-CA82-4558-BC92-0433301570E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F74C1145-E2DC-41A5-ADD8-282332124C8A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CB7370-5367-4C3E-9B0E-88A29E1E8704"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_1300_series:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6D3C3AC-464F-4BCB-B3FF-CE4718156109"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31487AA7-257C-4216-B5E5-6244FF06D00A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4062C260-C7B5-40E4-B77E-5AC1BFDB303D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B9FF632-4F67-4D04-A7D9-FDDF24E22541"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27ECF70E-A6FE-4277-B02A-F0551271446B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68CC9A38-CA82-4558-BC92-0433301570E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F74C1145-E2DC-41A5-ADD8-282332124C8A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B1CB7370-5367-4C3E-9B0E-88A29E1E8704"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_3200_series:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9CB2EA2-9BC8-4FFD-B79C-0887D65B082B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31487AA7-257C-4216-B5E5-6244FF06D00A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4062C260-C7B5-40E4-B77E-5AC1BFDB303D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B9FF632-4F67-4D04-A7D9-FDDF24E22541"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27ECF70E-A6FE-4277-B02A-F0551271446B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68CC9A38-CA82-4558-BC92-0433301570E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F74C1145-E2DC-41A5-ADD8-282332124C8A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1CB7370-5367-4C3E-9B0E-88A29E1E8704"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_system_500_series:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F04D64C3-9105-49CD-8CED-E802E348ECF0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
