9
CVSSv2

CVE-2014-2170

Published: 02/05/2014 Updated: 02/05/2014
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Cisco TelePresence TC Software 4.x and 5.x prior to 5.1.7 and 6.x prior to 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202.

Affected Products

Vendor Product Versions
CiscoTelepresence Tc Software4.0.0, 4.0.1, 4.0.4, 4.1.1, 4.1.2, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 6.0.0
CiscoTelepresence Te Software4.1.0, 4.1.1, 4.1.2, 4.1.3, 6.0

Vendor Advisories

Cisco TelePresence TC and TE Software are affected by the following vulnerabilities: Six Session Initiation Protocol (SIP) denial of service vulnerabilities Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability Cisco TelePresence TC and TE Software Input Validation Vulnerability Cisco TelePresence TC and TE Softwa ...