7.2
CVSSv2

CVE-2014-2173

Published: 02/05/2014 Updated: 02/05/2014
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 do not properly restrict access to the serial port, which allows local users to gain privileges via unspecified commands, aka Bug ID CSCub67692.

Affected Products

Vendor Product Versions
CiscoTelepresence Tc Software4.0.0, 4.0.1, 4.0.4, 4.1.1, 4.1.2, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7
CiscoTelepresence Te Software4.1.0, 4.1.1, 4.1.2, 4.1.3, 6.0

Vendor Advisories

Cisco TelePresence TC and TE Software are affected by the following vulnerabilities: Six Session Initiation Protocol (SIP) denial of service vulnerabilities Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability Cisco TelePresence TC and TE Software Input Validation Vulnerability Cisco TelePresence TC and TE Softwa ...