Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.9
CVSSv2

CVE-2011-0379

Published: 25/02/2011 Updated: 09/04/2011
CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5
VMScore: 703
Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Adaptive Security Appliance Software

Vulnerability Summary

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote malicious users to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco adaptive_security_appliance_software 1.6.0

cisco asa_5500

cisco 5500_series_adaptive_security_appliance

cisco telepresence_multipoint_switch_software 1.0.4.0

cisco telepresence_multipoint_switch_software 1.1.0

cisco telepresence_multipoint_switch_software 1.5.4

cisco telepresence_multipoint_switch_software 1.5.5

cisco telepresence_multipoint_switch_software 1.1.1

cisco telepresence_multipoint_switch_software 1.1.2

cisco telepresence_multipoint_switch_software 1.5.6

cisco telepresence_multipoint_switch_software 1.6.0

cisco telepresence_multipoint_switch_software 1.5.2

cisco telepresence_multipoint_switch_software 1.5.3

cisco telepresence_multipoint_switch_software 1.6.3

cisco telepresence_multipoint_switch_software 1.6.4

cisco telepresence_multipoint_switch_software 1.5.0

cisco telepresence_multipoint_switch_software 1.5.1

cisco telepresence_multipoint_switch_software 1.6.1

cisco telepresence_multipoint_switch_software 1.6.2

cisco telepresence_multipoint_switch

cisco telepresence_system_software 1.4.7

cisco telepresence_system_software 1.3.2

cisco telepresence_system_software 1.6.6

cisco telepresence_system_software 1.6.7

cisco telepresence_system_software 1.5.13

cisco telepresence_system_software 1.5.3

cisco telepresence_system_software 1.5.1

cisco telepresence_system_software 1.6.8

cisco telepresence_system_software 1.6.5

cisco telepresence_system_software 1.2.3

cisco telepresence_system_software 1.5.10

cisco telepresence_system_software 1.6.3

cisco telepresence_system_software 1.6.4

cisco telepresence_system_software 1.5.11

cisco telepresence_system_software 1.5.12

cisco telepresence_system_software 1.6.0

cisco telepresence_system_software 1.6.2

cisco telepresence_system_1100

cisco telepresence_system_1000

cisco telepresence_system_3000

cisco telepresence_system_1300_series

cisco telepresence_system_3200_series

cisco telepresence_system_500_series

cisco telepresence manager 1.3.2

cisco telepresence manager 1.4.0

cisco telepresence manager 1.5.1

cisco telepresence manager 1.5.2

cisco telepresence manager 1.2.0.0

cisco telepresence manager 1.6.2

Vendor Advisories

Cisco: Multiple Vulnerabilities in Cisco TelePresence Manager
Multiple vulnerabilities exist in the Cisco TelePresence Manager This security advisory outlines the details of the following vulnerabilities: Simple Object Access Protocol (SOAP) Authentication Bypass Java Remote Method Invocation (RMI) Command Injection Cisco Discovery Protocol Remote Code Execution Duplicat ...
Cisco: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices
Multiple vulnerabilities exist in the Cisco TelePresence solution; each component of the solution is addressed independently in its own advisory This advisory addresses Cisco TelePresence endpoint devices and details the following vulnerabilities: Unauthenticated Common Gateway Interface (CGI) Access CGI Command Injection ...
Cisco: Multiple Vulnerabilities in Cisco TelePresence Recording Server
Multiple vulnerabilities exist within the Cisco TelePresence Recording Server This security advisory outlines details of the following vulnerabilities: Unauthenticated Java Servlet Access Common Gateway Interface (CGI) Command Injection Unauthenticated Arbitrary File Upload XML-Remote Procedure Call ...
Cisco: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
Multiple vulnerabilities exist within the Cisco TelePresence Multipoint Switch This security advisory outlines details of the following vulnerabilities: Unauthenticated Java Servlet Access Unauthenticated Arbitrary File Upload Cisco Discovery Protocol Remote Code Execution Unauthorized Servlet Access Jav ...

References

CWE-119http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtmlhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtmlhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtmlhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtmlhttp://www.securitytracker.com/id?1025113http://www.securitytracker.com/id?1025112http://www.securitytracker.com/id?1025111http://www.securitytracker.com/id?1025114https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110223-telepresence-ctsman
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook