{"id": "CVE-2020-3143", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2020-09-23T01:15:15.410", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account."}, {"lang": "es", "value": "Una vulnerabilidad en la API del endpoint de video (xAPI) de Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, y Cisco RoomOS Software, podr\u00eda permitir a un atacante remoto autenticado conducir ataques de salto de directorio en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario para la xAPI del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n dise\u00f1ada hacia la xAPI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer y escribir archivos arbitrarios en el sistema. Para explotar esta vulnerabilidad, un atacante podr\u00eda necesitar un In-Room Control o una cuenta de administrador"}], "lastModified": "2020-10-05T14:43:03.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ex60_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25AE211E-E216-456C-A418-54A9F1D4A528"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ex60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4DCB5C6D-7E0A-4C3C-953A-DE9176060335"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ex90_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50D1F2D2-17F2-4A96-AF6B-DFFE5FDF6E9A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ex90:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "92DC52BD-9704-4406-9F8B-44049A18BC8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx10_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46CAB451-2370-4FDA-981A-2402BCA610DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "318D0E10-B389-45A7-8B53-F515C0E8CA31"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx20_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EFB48F0-3B5A-4DD2-BB68-38BA42043DA8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "18EB7279-FB2E-433D-A6DA-5E5E94725C27"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx80_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B803447B-B889-41DE-8254-BBEF0D664FC0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx80:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD91FCB6-AF82-4425-BBBC-7CDD8CBF7978"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c40_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AF8E71F-0EDA-473A-A673-E29CAC50C256"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B87CEA3A-2CF3-48DF-935F-31553CAC1ED8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c60_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7549095E-BC00-449F-98AD-2FDF61506AB0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0754B77C-E888-461E-AA1E-74B78DA59B78"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c90_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53020625-037E-46A9-B970-C30802BDC111"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c90:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0BFF6AA3-4850-40A3-8211-82F60F14ACD3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx200_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70567CFE-DEBD-4285-BB11-6EDC94126949"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "392D3BBE-8C2D-4643-95DB-79CF5CEDBC6A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx300_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC55F6C2-D7FA-4BCA-961E-4994F577D151"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63ED55F5-C88A-463D-9D5D-347D8C85AC43"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7F13426-3904-4A07-B1B9-1464F5E083DC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "89C485F0-17FF-4785-ABF1-BC6CB38196E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx800_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF15695E-752D-4C94-9A77-0BB56F10CA1F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16DE9D91-7C80-4BDB-B4B4-FACD56957999"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A0EF95-7CC5-4EE2-A5D8-803195F63F49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6554B9F-CD89-49B4-B55A-510B1C881C4F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68546316-D08D-4E0B-BDDE-BF6320B730EB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D0EC6FF-44F6-4033-BDAF-A396C2635D3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85FDA9FB-BB79-4A60-B825-D68B3719BFE3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5565DF04-82F3-40C7-8E82-44A0DA72398B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15073B83-81ED-4E98-8521-1320F8120C3F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31842684-B05D-4E17-9229-EC6993E78612"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69224767-0E2B-4A85-A7F1-77C6B41668DE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90095155-ABC0-43C9-896A-55A797EC2055"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9A983D4D-9E04-45CE-BE3C-9FCD0018837F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA1BD59F-078D-45D2-AC39-C479A4C6E7CA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AD45F341-FAD8-4B10-B28C-8697E51C6B61"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}