Vulnerability Description
The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Advanced Media Gateway | 1.0\(.1.13\) |
| Cisco | Telepresence Ip Gateway | 2.0.1.7 |
| Cisco | Telepresence Ip Vcr 1.0 Converter | 1.0\(1.9\) |
| Cisco | Telepresence Ip Vcr 2.4 | 1.2 |
| Cisco | Telepresence Ip Vcr 3.0 | 1.22 |
| Cisco | Telepresence Isdn Gw 3241 | 2.0\(1.51\) |
| Cisco | Telepresence Mcu Software | 4.1\(1.51\) |
| Cisco | Telepresence Serial Gateway | 1.0.1.23 |
| Cisco | Telepresence Server Software | 2.1\(1.33\) |
| Cisco | Telepresence Supervisor Mse 8050 Software | 2.1\(1.18\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
FAQ
What is CVE-2015-0713?
CVE-2015-0713 is a vulnerability with a CVSS score of 9.0 (HIGH). The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.2...
How severe is CVE-2015-0713?
CVE-2015-0713 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0713?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Advanced Media Gateway, Cisco Telepresence Ip Gateway, Cisco Telepresence Ip Vcr 1.0 Converter, Cisco Telepresence Ip Vcr 2.4, Cisco Telepresence Ip Vcr 3.0.