CVE-2011-0384

EUVD-2011-0410
The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
ciscotelepresence_multipoint_switch_software
1.0.4.0
ciscotelepresence_multipoint_switch_software
1.1.0
ciscotelepresence_multipoint_switch_software
1.1.1
ciscotelepresence_multipoint_switch_software
1.1.2
ciscotelepresence_multipoint_switch_software
1.5.0
ciscotelepresence_multipoint_switch_software
1.5.1
ciscotelepresence_multipoint_switch_software
1.5.2
ciscotelepresence_multipoint_switch_software
1.5.3
ciscotelepresence_multipoint_switch_software
1.5.4
ciscotelepresence_multipoint_switch_software
1.5.5
ciscotelepresence_multipoint_switch_software
1.5.6
ciscotelepresence_multipoint_switch_software
1.6.0
ciscotelepresence_multipoint_switch_software
1.6.1
ciscotelepresence_multipoint_switch_software
1.6.2
ciscotelepresence_multipoint_switch_software
1.6.3
ciscotelepresence_multipoint_switch_software
1.6.4
ciscotelepresence_multipoint_switch
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml
http://www.securityfocus.com/bid/46520
http://www.securitytracker.com/id?1025113
https://exchange.xforce.ibmcloud.com/vulnerabilities/65620
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml
http://www.securityfocus.com/bid/46520
http://www.securitytracker.com/id?1025113
https://exchange.xforce.ibmcloud.com/vulnerabilities/65620