HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2011-4659

CVSS 10.0v2.0pub. 2012-01-19upd. 2026-04-29

Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Cisco Ip Video Phone E20

    HW
    Cisco
    wszystkie wersje
  • Cisco Telepresence E20 Software

    APP
    Cisco
    te2.2te2.2.1te4.0.0te4.1.0te4.1.1tenc4.0.0tenc4.1.0tenc4.1.1tenc4.1.1-cucm≤ te4.1.1-cucm
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2013-3377HIGH7.8ten sam produkt

Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a den...

CVE-2011-2577HIGH7.8ten sam produkt

Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series ...

CVE-2026-20182CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Cisco Catalyst SD-WAN — pominięcie uwierzytelnienia z dostępem administracyjnym

CVE-2026-20131CRITICAL10.0⚠ KEVPL ✓ten sam vendor

RCE przez insecure deserialization w Cisco Secure Firewall Management Center

CVE-2026-20127CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Cisco Catalyst SD-WAN — ominięcie uwierzytelnienia peering i przejęcie uprawnień