Vulnerability Description
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence System Software | <= 1.10.1\(43\) |
| Cisco | Telepresence System 1000 | - |
| Cisco | Telepresence System 1300-65 | - |
| Cisco | Telepresence System 3000 | All versions |
| Cisco | Telepresence System 3010 | All versions |
| Cisco | Telepresence System 3200 | All versions |
| Cisco | Telepresence System 3210 | All versions |
| Cisco | Telepresence System 500-37 | - |
| Cisco | Telepresence System 1100 | - |
| Cisco | Telepresence System 500-32 | - |
| Cisco | Telepresence System Tx1300 47 | All versions |
| Cisco | Telepresence System Tx1310 65 | All versions |
| Cisco | Telepresence System Tx9000 | All versions |
| Cisco | Telepresence System Tx9200 | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/102362
- http://secunia.com/advisories/56533
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/65071Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1029656Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90624
- http://osvdb.org/102362
- http://secunia.com/advisories/56533
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/65071Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1029656Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90624
FAQ
What is CVE-2014-0661?
CVE-2014-0661 is a vulnerability with a CVSS score of 8.3 (HIGH). The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote at...
How severe is CVE-2014-0661?
CVE-2014-0661 has been rated HIGH with a CVSS base score of 8.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0661?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence System Software, Cisco Telepresence System 1000, Cisco Telepresence System 1300-65, Cisco Telepresence System 3000, Cisco Telepresence System 3010.