PT-2010-4509 · Cisco · Cisco Unified Videoconferencing System

Publicado

2010-11-22

Atualizado

2010-12-10

CVE-2010-3037

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Unified Videoconferencing System versions (affected versions not specified)

Description The issue allows remote authenticated administrators to execute arbitrary commands via the username field, related to a shell command injection vulnerability. This affects various Cisco Unified Videoconferencing systems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2010-3037

Produtos afetados

Cisco Unified Videoconferencing System

PT-2010-4509 · Cisco · Cisco Unified Videoconferencing System

CVE-2010-3037

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6