Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.809729 |
Category: | CISCO |
Title: | Cisco TelePresence CE and TC Software Command Injection Vulnerability(cisco-sa-20161102-tp) |
Summary: | The host is running Cisco TelePresence; Endpoint and is prone to local command injection vulnerability. |
Description: | Summary: The host is running Cisco TelePresence Endpoint and is prone to local command injection vulnerability. Vulnerability Insight: The vulnerability is due to incomplete input sanitization of some commands. Vulnerability Impact: Successful exploitation will allow remote attackers to execute local shell commands with commands injected as parameters. Also the attacker can retrieve full information from the device including private keys. Affected Software/OS: All TelePresence endpoints running following CE or TC software are affected: Cisco TelePresence CE Software 8.1.0, Cisco TelePresence CE Software 8.0.0, Cisco TelePresence TC Software 7.3.0, Cisco TelePresence TC Software 7.3.1, Cisco TelePresence TC Software 7.3.2, Cisco TelePresence TC Software 7.3.3, Cisco TelePresence TC Software 7.1.0, Cisco TelePresence TC Software 7.1.1, Cisco TelePresence TC Software 7.1.2, Cisco TelePresence TC Software 7.1.3, Cisco TelePresence TC Software 7.1.4 Solution: Apply updates as available from vendor. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N |
Cross-Ref: |
BugTraq ID: 94075 Common Vulnerability Exposure (CVE) ID: CVE-2016-6459 http://www.securityfocus.com/bid/94075 http://www.securitytracker.com/id/1037187 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |