Home

CVE-2015-0713

Description

The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.49

Associated Vulnerability

VulnerabilityOS Platform
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence IP Gateway SeriesNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence IP VCR SeriesNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence Serial Gateway SeriesNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence ServerNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence MSE 8000 SeriesNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence MCU 4500 SeriesNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence ISDN GatewayNCM
Command Injection Vulnerability in Multiple Cisco TelePresence Products For Cisco TelePresence Advanced Media Gateway SeriesNCM
CVE-2015-0713NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1702329Security Update for Cisco TelePresence IP Gateway Series 3.0(1.27)
PATCH-1702331Security Update for Cisco TelePresence IP VCR Series 3.0(1.27)
PATCH-1705959Security Update for Cisco TelePresence Serial Gateway Series 1.0(1.52)
PATCH-1705960Security Update for Cisco TelePresence Server 4.4(1.16)
PATCH-1705956Security Update for Cisco TelePresence MSE 8000 Series 2.3(1.51)
PATCH-1705864Security Update for Cisco TelePresence MCU 4500 Series 4.5(1.89)
PATCH-1705955Security Update for Cisco TelePresence ISDN Gateway 2.2(1.122)
PATCH-1705660Security Update for Cisco TelePresence Advanced Media Gateway Series 1.1(1.40)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234