{ "id": "CVE-2014-2174", "sourceIdentifier": "ykramarz@cisco.com", "published": "2015-05-25T00:59:00.073", "lastModified": "2015-05-26T17:54:23.977", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651." }, { "lang": "es", "value": "Cisco TelePresence T, TelePresence TE, y TelePresence TC anterior a 7.1 no implementan correctamente el control de acceso, lo que permite a atacantes remotos obtener privilegios root mediante el env\u00edo de paquetes en la red local y permite a atacantes f\u00edsicamente pr\u00f3ximos obtener privilegios root a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCub67651." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "ADJACENT_NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 8.3 }, "baseSeverity": "HIGH", "exploitabilityScore": 6.5, "impactScore": 10.0, "acInsufInfo": true, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-284" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "21D19C90-19D2-46E5-BDA7-F7125F7A2878" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:3.1_base:*:*:*:*:*:*:*", "matchCriteriaId": "E88E8ECB-9A40-4B2A-B1E1-EB9CB69D322A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "357A8344-F77C-4D95-AFFC-930E3E177630" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1_base:*:*:*:*:*:*:*", "matchCriteriaId": "03F8F06D-174D-4FEB-880F-825019FF2415" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2_base:*:*:*:*:*:*:*", "matchCriteriaId": "A6349908-7468-43BA-ACF2-4166FC95405C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "47981023-90C1-46D1-BCD6-6BE64364C5E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "83DB0369-FA22-43FE-9E0B-B370B44490B0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "982DC39F-5FA0-4450-8C36-447270BFFC36" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "536F8A9D-59C6-42E4-B672-8B1D909F8535" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "1E1B1533-30F2-40AB-8429-2E7606EC06CE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "32B5EEDB-7471-45C2-956B-466626E9EDD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "36912424-2973-4550-9EFD-FC344EC55933" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.7-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "9729B0D4-F6E5-4683-947B-D73C6B147897" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1_base:*:*:*:*:*:*:*", "matchCriteriaId": "BC20694E-FD91-4932-9AB5-1E1C8DD01BD9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "B9056D02-E7C8-47B3-8CEF-E485CA6EC6D6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5198E89F-9F04-4C1E-9EA9-EFE2C118788C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.1-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "70496628-EF39-4E54-BC9E-E2D9BDC00C11" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E50B4A0E-7851-4C1A-AAA7-2E4EF655056D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "01392813-2BC7-4A4E-AF57-443E886E2643" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B421E06-5487-48FA-A602-2EC81C31F341" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.0-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "33CFCB77-65F1-48BF-8057-1F9C56BF7DC1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F940F7CF-D091-4212-8E9C-0FD538F00992" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.1-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "9D68BFBE-50A4-4565-BCDA-29BF2B5B962C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA3C002A-8EA4-4731-A546-CA16E4D0BD0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1.2-cucm:*:*:*:*:*:*:*", "matchCriteriaId": "4C12DD1C-DF28-4B4B-93FB-6E346D810BB3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.1_base:*:*:*:*:*:*:*", "matchCriteriaId": "62C20678-F9B0-488C-B1B4-C04005F5E3FD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CB861F3A-CA8F-493B-B63E-C27007D7A498" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20F63626-8F70-4EE8-80A7-24614640E2CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2083FC5B-B24C-49C9-B44B-29C9F9A27BD5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "98814197-69ED-414D-9B16-9E43C2244106" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "ABD0EDC3-3932-4DB2-9562-682808B20DD7" } ] } ] } ], "references": [ { "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }