CVE-2010-3037

22.11.2010, 20:00

goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway, Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway, and Unified Videoconferencing 3515 Multipoint Control Unit (MCU), allows remote authenticated administrators to execute arbitrary commands via the username field, related to a "shell command injection vulnerability," aka Bug ID CSCti54059.

Code Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	8.5 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:S/C:C/I:C/A:C
cisco	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 83%

Vendor	Product	Version
cisco	unified_videoconferencing_system_5110_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_5115_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_5110	*
cisco	unified_videoconferencing_system_5115	*
cisco	unified_videoconferencing_system_3515_multipoint_control_unit_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_3522_basic_rate_interface_gateway_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_3527_primary_rate_interface_gateway_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_3545_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_5230_firmware	7.0.1.13.3
cisco	unified_videoconferencing_system_3515_multipoint_control_unit	*
cisco	unified_videoconferencing_system_3522_basic_rate_interface_gateway	*
cisco	unified_videoconferencing_system_3527_primary_rate_interface_gateway	*
cisco	unified_videoconferencing_system_3545	*
cisco	unified_videoconferencing_system_5230	*

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-94 - Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References

http://seclists.org/fulldisclosure/2010/Nov/167

http://www.cisco.com/en/US/products/products_security_response09186a0080b56d0d.html

http://www.securityfocus.com/bid/44922

http://www.securitytracker.com/id?1024753

http://www.trustmatta.com/advisories/MATTA-2010-001.txt

http://seclists.org/fulldisclosure/2010/Nov/167

http://www.cisco.com/en/US/products/products_security_response09186a0080b56d0d.html

http://www.securityfocus.com/bid/44922

http://www.securitytracker.com/id?1024753

http://www.trustmatta.com/advisories/MATTA-2010-001.txt