PT-2007-5899 · Cisco · Cisco Video Surveillance Sp/Isp Decoder+2

Publicado

2007-09-06

·

Atualizado

2017-07-29

·

CVE-2007-4747

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) versions 1.8.1 and earlier Cisco Video Surveillance SP/ISP Decoder Software versions 1.11.0 and earlier Cisco Video Surveillance SP/ISP firmware versions 1.23.7 and earlier
Description: The issue concerns the telnet service, which does not require authentication. This allows remote attackers to perform administrative actions.
Recommendations: For Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) versions 1.8.1 and earlier, update to a version later than 1.8.1. For Cisco Video Surveillance SP/ISP Decoder Software versions 1.11.0 and earlier, update to a version later than 1.11.0. For Cisco Video Surveillance SP/ISP firmware versions 1.23.7 and earlier, update to a version later than 1.23.7.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2007-4747

Produtos afetados

Cisco Video Surveillance Ip Gateway Encoder/Decoder
Cisco Video Surveillance Sp/Isp Decoder
Cisco Video Surveillance Sp/Isp Firmware