CVE-2011-0372

critical

Cisco

CVSS v3 Base Score

10.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

4.0%

Exploitation probability in 30 days

Top 12% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: February 25, 2011 (5557 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.

CWE

CWE-78

Affected Products

cisco telepresence system softwarecisco telepresence system 1000cisco telepresence system 1100cisco telepresence system 3000cisco telepresence system 1300 seriescisco telepresence system 3200 seriescisco telepresence system 500 series

References

🔗 www.cisco.com 🔗 www.securitytracker.com 🔗 www.cisco.com 🔗 www.securitytracker.com

CVE-2011-0372

Vulnerability Report

Description

CWE

Affected Products

References