CVE-2014-0661

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.5.10\(3648\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.7.5\(42\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.7.6\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.0\(55\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.1\(34\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.2\(11\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.3\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.4\(13\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.8.5\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.0\(46\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.1\(68\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.2\(19\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.3\(44\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.4\(19\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.5\(7\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.6\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.10.0\(259\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:telepresence_system_1000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_1300-65:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_500-37:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:6.0.1\(50\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:6.0.2\(28\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_system_software:6.1.0\(90\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:telepresence_system_1100:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_500-32:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:02

Type Values Removed Values Added
References () http://osvdb.org/102362 - () http://osvdb.org/102362 -
References () http://secunia.com/advisories/56533 - () http://secunia.com/advisories/56533 -
References () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts - Vendor Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts - Vendor Advisory
References () http://www.securityfocus.com/bid/65071 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/65071 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1029656 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1029656 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/90624 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/90624 -

Information

Published : 2014-01-22 21:55

Updated : 2024-11-21 02:02


NVD link : CVE-2014-0661

Mitre link : CVE-2014-0661

CVE.ORG link : CVE-2014-0661


JSON object : View

Products Affected

cisco

  • telepresence_system_3210
  • telepresence_system_3000
  • telepresence_system_tx1310_65
  • telepresence_system_tx1300_47
  • telepresence_system_tx9000
  • telepresence_system_1100
  • telepresence_system_1300-65
  • telepresence_system_tx9200
  • telepresence_system_1000
  • telepresence_system_500-37
  • telepresence_system_3200
  • telepresence_system_500-32
  • telepresence_system_software
  • telepresence_system_3010
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')