{ "id": "CVE-2014-2169", "sourceIdentifier": "ykramarz@cisco.com", "published": "2014-05-02T10:55:08.320", "lastModified": "2014-05-02T18:11:05.753", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211." }, { "lang": "es", "value": "Cisco TelePresence TC Software 4.x hasta 6.x anterior a 6.2.0 y TE Software 4.x y 6.0 permiten a usuarios remotos autenticados ejecutar comandos arbitrarios mediante el uso de los comandos como argumentos hacia scripts de sistema internos, tambi\u00e9n conocido como Bug ID CSCue60211." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.0 }, "baseSeverity": "HIGH", "exploitabilityScore": 8.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E492709-66DB-4491-AC15-550398099903" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "88A64CA3-C8E8-4DCB-B865-1767EE178F79" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C4C16D2-4FFC-45C5-B3D8-26EF76482B7A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "02184B87-A8D9-4445-A6FC-F1F5DDE0DBDA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9AEFCD2A-167A-4897-BF94-42876763F38B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "1568AF81-D676-448F-A64D-561E8F7DD874" } ] } ] } ], "references": [ { "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }