CVE-2015-0713

Published May 25, 2015

Last updated 3 months ago

CVSS info 9.0

Overview

Description: The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.0\\(.1.13\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02365039-7794-4A7C-B48F-AFEBAE929B7D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(.1.14\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C6AB701-BFBA-4199-83AC-F5D39C56FEAB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\\(1.34\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7FE013A-292B-46D7-80BE-3B26FBD05D4B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D7B8A87-18A3-4F9A-80CA-531F8FD34EC0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA75EBD3-C348-4175-AE49-C1F43168E591"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_gateway:2.0.3.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5E5CB75-06D2-47DD-A435-1CD7887B4143"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_1.0_converter:1.0\\(1.9\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A83850D3-C59D-4170-A5E1-4F9AFF068EE0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_2.4:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03952191-EEBA-434B-B38A-D4470731F74C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A280285-5B92-4518-8432-919654B0C34B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B466E73-B28C-4AE1-8830-3D7ECAFDE34B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.0\\(1.51\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8415303-8D7D-4E37-ACD0-6E6011D2B8CE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.22\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9A30919-F651-4018-BE0F-71AF8C56BABD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.43\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CE00AF4-76FD-42E4-A0FC-6E1534282C7C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.49\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2A3CF3A-6068-4D5D-BCDA-77B201E28800"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_isdn_gw_3241:2.1\\(1.56\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C9E2011-B794-485A-93C6-EFDE17C98DD3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.51\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7A0E502-987C-4BB3-BB30-4E46128D73EE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.1\\(1.59\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0F653E6-270B-4BFF-8F26-2CD4A3B6F60D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.43\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3EFEACC-766F-4479-A69E-389D0448A44E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.46\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF1356C5-A6BC-4D1F-A640-0E0D568797AF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.2\\(1.50\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C844842F-45CF-43DC-84DA-C52AEB40E54C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(1.68\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3C20EAA-687B-4531-91EB-C1B835A6C0BA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.18\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "970A98BD-0018-44E2-B4AA-5715B383EB29"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.30\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB0C1257-037A-4FED-8FAC-F39169A1D0B9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3\\(2.32\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5FC7CE6-D1BE-4E78-9727-39AED8E04306"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.42\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F47D2C63-FA7A-4993-A44B-7DE1F9158EE4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4\\(3.49\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C75377B-0CB7-461C-A857-1CC9BB394B1D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75DB1C8C-C9E5-4C83-B524-3E71B1FAACF6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63549A00-A34D-4A7E-A38C-6470EBBB0A0E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_serial_gateway:1.0.1.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D964BE9-A3B7-46D6-BBC6-0DBF0F13B91A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.33\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4987F125-01CF-4D17-AF4C-E1F4BB977039"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.1\\(1.37\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB6EAFBB-5B0A-43E0-A7A7-8B2C17033301"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.43\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B029054E-5575-40DA-B9C0-C45A0E938D8E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.48\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B4263AB-2AE2-418D-AFD1-FAA4CF46DE41"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.2\\(1.54\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D93A770A-3B67-4F27-B695-50F0430AFB03"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.55\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C8E87AF-FAC5-419F-80DF-02EF48485990"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.57\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A5488C8-1B72-41D5-B346-1C27B529BAC8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.24\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE67D1A0-522A-4FEB-A59E-27D8E8FA3196"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(1.57\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71B3BA0E-F4D1-484D-987D-F96DD3DECDB9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(2.8\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28A70BA8-B132-4EAC-A9C5-706B5BE7D837"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.1\\(1.18\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEE3300B-EB67-43E2-B124-6BAFD8AE2AA1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.2\\(1.17\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F6C244B-DFCE-4E17-B13D-2DBB7053D0C3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_supervisor_mse_8050_software:2.3\\(1.32\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "555E1314-2954-4D81-8BFB-298CE9891106"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References