9
CVSSv2

CVE-2012-3075

Published: 12/07/2012 Updated: 12/07/2012
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

The administrative web interface on Cisco TelePresence Immersive Endpoint Devices prior to 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco telepresence_system_software 1.2.3\\(1101\\)

cisco telepresence_system_software 1.3.2\\(1393\\)

cisco telepresence_system_software 1.4.7\\(2229\\)

cisco telepresence_system_software 1.5.1\\(2082\\)

cisco telepresence_system_software 1.5.3\\(2115\\)

cisco telepresence_system_software 1.5.10\\(3648\\)

cisco telepresence_system_software 1.5.11\\(3659\\)

cisco telepresence_system_software 1.5.12\\(3701\\)

cisco telepresence_system_software 1.5.13\\(3717\\)

cisco telepresence_system_software 1.6.0\\(3954\\)

cisco telepresence_system_software 1.6.2\\(4023\\)

cisco telepresence_system_software 1.6.3\\(4042\\)

cisco telepresence_system_software 1.6.4\\(4072\\)

cisco telepresence_system_software 1.6.5\\(4097\\)

cisco telepresence_system_software 1.6.6\\(4109\\)

cisco telepresence_system_software 1.6.7\\(4212\\)

cisco telepresence_system_software 1.6.8\\(4222\\)

cisco telepresence_system_software 1.7.0.1\\(4764\\)

cisco telepresence_system_software 1.7.0.2\\(4719\\)

cisco telepresence_system_software 1.7.1\\(4864\\)

cisco telepresence_system_software

cisco telepresence_system_software 1.7.2.1\\(2\\)

cisco telepresence_system_1300_65

cisco telepresence_system_3000

cisco telepresence_system_3010

cisco telepresence_system_3200

cisco telepresence_system_3210

cisco telepresence_system_t3

cisco telepresence_system_tx1300_47

cisco telepresence_system_tx1310_65

cisco telepresence_system_tx9000

cisco telepresence_system_tx9200

Vendor Advisories

Cisco TelePresence Endpoint devices contain the following vulnerabilities: Cisco TelePresence API Remote Command Execution Vulnerability Cisco TelePresence Remote Command Execution Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the API Remote Command Execution vulnerabilit ...