CVE-2014-2172

Published: 02/05/2014 Updated: 02/05/2014
CVSS v2 Base Score: 6.6 | Impact Score: 10 | Exploitability Score: 2.7
VMScore: 587
Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the implementation of executable utilities that use the universal bootloader (u-boot) compiler of Cisco TelePresence TC and TE Software could allow an authenticated, local malicious user to create a buffer overflow and possibly execute arbitrary code on the affected system. The vulnerability is due to the improper implementation of internal executable files when the u-boot compiler flag is defined. An attacker could exploit this vulnerability by accessing the command-line interface (CLI) of the affected system and trying to run the affected executable files. Cisco has confirmed the vulnerability in a security advisory and released software updates. A successful exploit would require local access to the targeted device. This access requirement decreases the likelihood of a successful exploit. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Vulnerable Product

cisco telepresence tc software 5.0.0

cisco telepresence tc software 5.0.1

cisco telepresence tc software 5.0.2

cisco telepresence tc software 5.1.0

cisco telepresence tc software 4.2.2

cisco telepresence tc software 4.2.3

cisco telepresence tc software 4.2.4

cisco telepresence tc software 5.1.7

cisco telepresence tc software 5.1.1

cisco telepresence tc software 5.1.3

cisco telepresence tc software 5.1.5

cisco telepresence tc software 4.1.1

cisco telepresence tc software 4.2.0

cisco telepresence tc software 5.1.6

cisco telepresence tc software 4.0.0

cisco telepresence tc software 4.0.1

cisco telepresence tc software 4.0.4

cisco telepresence tc software 5.1.2

cisco telepresence tc software 5.1.4

cisco telepresence tc software 4.1.2

cisco telepresence tc software 4.2.1

cisco telepresence te software 4.1.0

cisco telepresence te software 4.1.2

cisco telepresence te software 4.1.3

cisco telepresence te software 6.0

cisco telepresence te software 4.1.1

Vendor Advisories

A vulnerability in the implementation of executable utilities that use the universal bootloader (u-boot) compiler of Cisco TelePresence TC and TE Software could allow an authenticated, local attacker to create a buffer overflow and possibly execute arbitrary code on the affected system. The vulnerability is due to the improper implementation of in ...
Cisco TelePresence TC and TE Software are affected by the following vulnerabilities: Six Session Initiation Protocol (SIP) denial of service vulnerabilities; Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability; Cisco TelePresence TC and TE Software Input Validation Vulnerability; Cisco TelePresence TC and TE Softwa ...