HIGH✓ PATCH🇬🇧 English

CVE-2014-2174

CVSS 8.3v2.0pub. 2015-05-25upd. 2026-05-06

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

oryginał EN
CVSS Vector
AV:A/AC:L/Au:N/C:C/I:C/A:C
  • Cisco Telepresence Tc Software

    APP
    Cisco
    3.1.53.1_base4.1.04.1.14.1.24.1_base4.2.04.2.14.2.24.2.34.2.44.2_base5.0.25.0.2-cucm5.0_base+ 25 więcej
  • Cisco Telepresence Te Software

    APP
    Cisco
    6.0.06.0.16.0.26.0_base
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2016-1387CRITICAL9.8ten sam produkt

The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collabor...

CVE-2017-6648HIGH7.5ten sam produkt

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboratio...

CVE-2015-0722HIGH7.8ten sam produkt

The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 all...

CVE-2014-2165HIGH7.8ten sam produkt

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote...

CVE-2014-2163HIGH7.8ten sam produkt

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attacke...