CVE-2014-0661

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
ciscotelepresence_system_software
𝑥
≤ 1.10.1\(43\)
ciscotelepresence_system_software
1.5.10\(3648\)
ciscotelepresence_system_software
1.7.5\(42\)
ciscotelepresence_system_software
1.7.6\(4\)
ciscotelepresence_system_software
1.8.0\(55\)
ciscotelepresence_system_software
1.8.1\(34\)
ciscotelepresence_system_software
1.8.2\(11\)
ciscotelepresence_system_software
1.8.3\(4\)
ciscotelepresence_system_software
1.8.4\(13\)
ciscotelepresence_system_software
1.8.5\(4\)
ciscotelepresence_system_software
1.9.0\(46\)
ciscotelepresence_system_software
1.9.1\(68\)
ciscotelepresence_system_software
1.9.2\(19\)
ciscotelepresence_system_software
1.9.3\(44\)
ciscotelepresence_system_software
1.9.4\(19\)
ciscotelepresence_system_software
1.9.5\(7\)
ciscotelepresence_system_software
1.9.6\(2\)
ciscotelepresence_system_software
1.9.6.1\(3\)
ciscotelepresence_system_software
1.10.0
ciscotelepresence_system_software
1.10.0\(259\)
ciscotelepresence_system_software
1.10.1
ciscotelepresence_system_1000
-
ciscotelepresence_system_1300-65
-
ciscotelepresence_system_3000
*
ciscotelepresence_system_3010
*
ciscotelepresence_system_3200
*
ciscotelepresence_system_3210
*
ciscotelepresence_system_500-37
-
ciscotelepresence_system_software
𝑥
≤ 6.0.3\(33\)
ciscotelepresence_system_software
6.0.0.1\(4\)
ciscotelepresence_system_software
6.0.1\(50\)
ciscotelepresence_system_software
6.0.2\(28\)
ciscotelepresence_system_software
6.1.0\(90\)
ciscotelepresence_system_1100
-
ciscotelepresence_system_500-32
-
ciscotelepresence_system_tx1300_47
*
ciscotelepresence_system_tx1310_65
*
ciscotelepresence_system_tx9000
*
ciscotelepresence_system_tx9200
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/102362
http://secunia.com/advisories/56533
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts
http://www.securityfocus.com/bid/65071
http://www.securitytracker.com/id/1029656
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624
http://osvdb.org/102362
http://secunia.com/advisories/56533
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts
http://www.securityfocus.com/bid/65071
http://www.securitytracker.com/id/1029656
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624