RCE in Cisco Telepresence_manager
CVE-2011-0381
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability,"…
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.025 (85.6th percentile) — read the EPSS interpretation.
Affected products
- Cisco Telepresence_manager — versions 1.2.0.0, 1.3.2, 1.4.0
- N/a — versions n/a
Weakness classification (CWE)
References
- 46526 (vdb-entry, x_refsource_BID)
- 1025111 (vdb-entry, x_refsource_SECTRACK)
- telepresence-manager-rmi-command-exec(65619) (vdb-entry, x_refsource_XF)
- 20110223 Multiple Vulnerabilities in Cisco TelePresence Manager (x_refsource_CISCO, vendor-advisory, Vendor Advisory)