Home

CVE-2012-3076

Description

The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.619

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities in Cisco TelePresence Recording Server For Cisco TelePresence ManagerNCM
Multiple Vulnerabilities in Cisco TelePresence Recording Server For Cisco TelePresence Multipoint SwitchNCM
Multiple Vulnerabilities in Cisco TelePresence Recording Server For Cisco TelePresence Recording ServerNCM
Multiple Vulnerabilities in Cisco TelePresence Recording Server For Cisco TelePresence System 3000 SeriesNCM
Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability (CVE-2012-3076)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1705376Security Update for Cisco TelePresence Manager 1.9.0(186)
PATCH-1702381Security Update for Cisco TelePresence Multipoint Switch 10.0(2)
PATCH-1702392Security Update for Cisco TelePresence Recording Server 10.0(2)
PATCH-1705615Security Update for Cisco TelePresence System 3000 Series 1.9.10:5

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234