CVE-2011-0378

high

Cisco

CVSS v3 Base Score

8.3

AV:A/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

1.9%

Exploitation probability in 30 days

Top 17% most likely to be exploited

Attack Characteristics

Attack Vector

Adjacent

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: February 25, 2011 (5557 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.

CWE

CWE-78

Affected Products

cisco telepresence system softwarecisco telepresence system 1000cisco telepresence system 1100cisco telepresence system 3000cisco telepresence system 1300 seriescisco telepresence system 3200 seriescisco telepresence system 500 series

References

🔗 www.cisco.com 🔗 www.securitytracker.com 🔗 www.cisco.com 🔗 www.securitytracker.com

CVE-2011-0378

Vulnerability Report

Description

CWE

Affected Products

References