CVE-2013-3379

EUVD-2013-3314
The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
ciscotelepresence_tc_software
𝑥
≤ 4.1.2
ciscotelepresence_tc_software
4.0.0
ciscotelepresence_tc_software
4.0.1
ciscotelepresence_tc_software
4.0.4
ciscotelepresence_tc_software
4.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc