CVE-2014-2170

Published May 2, 2014

Last updated a month ago

CVSS info 9.0

Overview

Description: Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202.
Source: psirt@cisco.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_te_software:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1568AF81-D676-448F-A64D-561E8F7DD874"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E492709-66DB-4491-AC15-550398099903"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88A64CA3-C8E8-4DCB-B865-1767EE178F79"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A19AC9B-91B4-4691-BFB7-BEC9A3CD2678"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C4C16D2-4FFC-45C5-B3D8-26EF76482B7A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02184B87-A8D9-4445-A6FC-F1F5DDE0DBDA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AEFCD2A-167A-4897-BF94-42876763F38B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A94F378C-506E-4C0A-A23A-1F71ABDBD7EA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB451E1B-9B64-434B-BA1E-FFE9CD472CC1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D46D718-4708-4018-A1E2-2094519E9E3B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "079634DC-D13E-41A3-87E0-F694C3315647"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_tc_software:6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "856DDAE1-C3E6-4F70-946B-515F7B308517"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References