Vulnerability Description
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Recording Server Software | 1.6.1 |
| Cisco | Telepresence Recording Server | All versions |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.sVendor Advisory
- http://www.securityfocus.com/bid/46522
- http://www.securitytracker.com/id?1025114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65605
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.sVendor Advisory
- http://www.securityfocus.com/bid/46522
- http://www.securitytracker.com/id?1025114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65605
FAQ
What is CVE-2011-0386?
CVE-2011-0386 is a vulnerability with a CVSS score of 9.3 (HIGH). The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code ...
How severe is CVE-2011-0386?
CVE-2011-0386 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0386?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Recording Server Software, Cisco Telepresence Recording Server.