1. Home
  2. CVE Database
  3. CVE-2011-0383
HIGH · 10.0

CVE-2011-0383

The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, an...

Vulnerability Description

The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoTelepresence Recording Server Software1.6.1
CiscoTelepresence Recording ServerAll versions
CiscoTelepresence Multipoint Switch Software1.0.4.0
CiscoTelepresence Multipoint SwitchAll versions

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2011-0383?

CVE-2011-0383 is a vulnerability with a CVSS score of 10.0 (HIGH). The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, an...

How severe is CVE-2011-0383?

CVE-2011-0383 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0383?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Recording Server Software, Cisco Telepresence Recording Server, Cisco Telepresence Multipoint Switch Software, Cisco Telepresence Multipoint Switch.