CVE-2011-0392

Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
ciscotelepresence_recording_server_software
1.6.1
ciscotelepresence_recording_server_software
1.6.2
ciscotelepresence_recording_server_software
1.6.3
ciscotelepresence_recording_server
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
http://www.securityfocus.com/bid/46522
http://www.securitytracker.com/id?1025114
https://exchange.xforce.ibmcloud.com/vulnerabilities/65609
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
http://www.securityfocus.com/bid/46522
http://www.securitytracker.com/id?1025114
https://exchange.xforce.ibmcloud.com/vulnerabilities/65609