fkie_cve-2014-0661
Vulnerability from fkie_nvd
Published
2014-01-22 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F08637F-59D9-400D-B9C4-0EC13C8F8A7F",
"versionEndIncluding": "1.10.1\\(43\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C68D879E-4522-4069-84B7-ED7C511B9D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43DB9A3E-F495-4D22-874F-DDFB73C07534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2177AF2B-BF5C-431C-8899-88ECC4E91BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F2DBBADC-6367-4F75-9F58-E42A05AC992C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFEAB6C5-3B65-42D0-B597-0322D9F57C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "62CBB917-651A-4EB8-842D-0BEA708A1BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.4\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BBAAC16-A2BE-4D8D-8DEA-9FD4BDA7E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.5\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8819E5D6-F369-4BD2-A816-94F7A919C4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34508470-64C3-4A99-BBB0-169AFA3BE50B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.1\\(68\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E6570B01-07EB-425B-91E7-70517889A462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.2\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68710E69-4FD8-4FED-9D7B-CE7317982E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.3\\(44\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00737930-5F3C-4274-9633-00B3837ED6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.4\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "995E5365-B6C3-4A4A-9F14-EADD27C8B9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.5\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20831FBF-99C9-4B02-A577-6D28CC2983DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34600183-7CCF-4424-8887-8EC9ADD1B09E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53734B19-352E-40F4-9A7C-E1A545B511FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E70952-7132-4F2B-932F-56FAD2A89A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0\\(259\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B3E2221-6FA5-4ABB-9102-414430E4865B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F861192D-6138-49D2-BF8A-2D10B863253A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A859689-4C45-4274-A46E-21CFC82EE4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_1300-65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63DF9134-97F0-4E13-ADB8-C40D67681EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC14CB1A-DE5C-4877-8FFB-DF2FA1ADE176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF6B03F-670A-4604-8B4F-1F05B146E36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC220DAD-E967-4CC5-9C13-6A5AE98D79EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A13ACECA-121B-4D77-AB54-F579CF67098B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_500-37:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C8B085-E37B-4440-9DAD-EA1702D79A5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39E38912-F6E7-41F9-B113-C1B27AEF455F",
"versionEndIncluding": "6.0.3\\(33\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C315F74-11D0-42EF-84F7-A9747A8C03E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.1\\(50\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18516CB9-5EE8-4CC3-ACC3-6A0DF29D1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.2\\(28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A03B63BB-9DE1-41F9-A993-8295C368F611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.1.0\\(90\\):*:*:*:*:*:*:*",
"matchCriteriaId": "328C698B-0ABE-45C2-A2B1-91D9A42C8374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24395007-C981-4CE9-92EB-29DBBF8F481E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_500-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E530C9D1-8ACD-4B32-A96D-60E94916A872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CEC335-24DB-4C7E-B138-D566C95FB30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FCAAE92-6F2E-4F11-A240-D5EC67974424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "911B3EBA-5640-458A-B18A-FAC1309F37FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCEB3C5-6C28-4D91-900E-98F0DC02478E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796."
},
{
"lang": "es",
"value": "El System Status Collection Daemon (SSCD) de Cisco TelePresence System 500-37, 1000, 1300-65, y 3xxx anterior a la versi\u00f3n 1.10.2(42), y 500-32, 1300-47, TX1310 65, y TX9xxx anterior a la versi\u00f3n 6.0.4(11), permite a atacantes remotos ejecutar comandos arbitrarios para provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria de la pila) a trav\u00e9s de un mensaje XML-RPC manipulado, tambi\u00e9n conocido como Bug ID CSCui32796."
}
],
"id": "CVE-2014-0661",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-22T21:55:03.560",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/102362"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/56533"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65071"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029656"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/65071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90624"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…