PT-2011-2295 · Cisco · Cisco Telepresence
Publicado
2011-02-25
·
Atualizado
2011-03-31
·
CVE-2011-0373
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco TelePresence endpoint devices versions 1.2.x through 1.5.x
Description
The issue allows remote authenticated users to execute arbitrary commands via a malformed request, related to command injection vulnerabilities.
Recommendations
For versions 1.2.x through 1.5.x, update to a version that fixes the command injection issue to prevent arbitrary command execution.
Correção
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Telepresence