CVE-2015-0660

high

Cisco

CVSS v3 Base Score

7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

0.1%

Exploitation probability in 30 days

Top 84% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: March 14, 2015 (4079 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123.

CWE

CWE-284

Affected Products

cisco telepresence server software

References

🔗 tools.cisco.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securitytracker.com

CVE-2015-0660

Vulnerability Report

Description

CWE

Affected Products

References