CVE-2014-0661

Sažetak

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.

Reference

http://osvdb.org/102362
http://secunia.com/advisories/56533
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts
http://www.securityfocus.com/bid/65071
http://www.securitytracker.com/id/1029656
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624

CVSS

Base:	8.3
Impact:	10.0
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

22-01-2014 - 21:55