CVE-2015-0713
critical
Cisco CVSS v3 Base Score
9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS Score
0.5%
Exploitation probability in 30 days
Top 34% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Vulnerability Report
Generated by CyberWatcher
Description
The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.
CWE
CWE-264Affected Products
cisco telepresence advanced media gatewaycisco telepresence ip gatewaycisco telepresence ip vcr 1.0 convertercisco telepresence ip vcr 2.4cisco telepresence ip vcr 3.0cisco telepresence isdn gw 3241cisco telepresence mcu softwarecisco telepresence serial gatewaycisco telepresence server softwarecisco telepresence supervisor mse 8050 software