Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2014-0661

Disclosure Date: January 22, 2014 •

CVE-2014-0661

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

cisco

Products

telepresence system 1000 -,
telepresence system 1100 -,
telepresence system 1300-65 -,
telepresence system 3000,
telepresence system 3010,
telepresence system 3200,
telepresence system 3210,
telepresence system 500-32 -,
telepresence system 500-37 -,
telepresence system software,
telepresence system software 1.10.0,
telepresence system software 1.10.0(259),
telepresence system software 1.10.1,
telepresence system software 1.5.10(3648),
telepresence system software 1.7.5(42),
telepresence system software 1.7.6(4),
telepresence system software 1.8.0(55),
telepresence system software 1.8.1(34),
telepresence system software 1.8.2(11),
telepresence system software 1.8.3(4),
telepresence system software 1.8.4(13),
telepresence system software 1.8.5(4),
telepresence system software 1.9.0(46),
telepresence system software 1.9.1(68),
telepresence system software 1.9.2(19),
telepresence system software 1.9.3(44),
telepresence system software 1.9.4(19),
telepresence system software 1.9.5(7),
telepresence system software 1.9.6(2),
telepresence system software 1.9.6.1(3),
telepresence system software 6.0.0.1(4),
telepresence system software 6.0.1(50),
telepresence system software 6.0.2(28),
telepresence system software 6.1.0(90),
telepresence system tx1300 47,
telepresence system tx1310 65,
telepresence system tx9000,
telepresence system tx9200

References

Canonical

CVE-2014-0661 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0661)

BID-65071 (http://www.securityfocus.com/bid/65071)

Advisory

OSVDB-102362 (http://osvdb.org/102362)

20140122 Cisco TelePresence System Software Command Execution Vulnerability (http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts)

XF-cisco-telepresence-cve20140661-command-exec(90624) (https://exchange.xforce.ibmcloud.com/vulnerabilities/90624)

SECUNIA-56533 (http://secunia.com/advisories/56533)

SECTRACK-1029656 (http://www.securitytracker.com/id/1029656)

Rapid7

Unknown

CVE-2014-0661

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2014-0661

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2014-0661

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2014-0661

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification