CVE-2011-0378

Sažetak

The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.

Reference

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtml
http://www.securitytracker.com/id?1025112

CVSS

Base:	8.3
Impact:	10.0
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

31-03-2011 - 03:29

Objavljeno

25-02-2011 - 12:00