8.3

CVE-2014-2174

EPSS 0.21%
Veröffentlicht 25.05.2015 00:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Telepresence Tc Software Version3.1.5

Cisco ≫ Telepresence Tc Software Version3.1_base

Cisco ≫ Telepresence Tc Software Version4.1.0

Cisco ≫ Telepresence Tc Software Version4.1.1

Cisco ≫ Telepresence Tc Software Version4.1.2

Cisco ≫ Telepresence Tc Software Version4.1_base

Cisco ≫ Telepresence Tc Software Version4.2.0

Cisco ≫ Telepresence Tc Software Version4.2.1

Cisco ≫ Telepresence Tc Software Version4.2.2

Cisco ≫ Telepresence Tc Software Version4.2.3

Cisco ≫ Telepresence Tc Software Version4.2.4

Cisco ≫ Telepresence Tc Software Version4.2_base

Cisco ≫ Telepresence Tc Software Version5.0.2

Cisco ≫ Telepresence Tc Software Version5.0.2-cucm

Cisco ≫ Telepresence Tc Software Version5.0_base

Cisco ≫ Telepresence Tc Software Version5.1.3

Cisco ≫ Telepresence Tc Software Version5.1.3-cucm

Cisco ≫ Telepresence Tc Software Version5.1.4

Cisco ≫ Telepresence Tc Software Version5.1.4-cucm

Cisco ≫ Telepresence Tc Software Version5.1.5

Cisco ≫ Telepresence Tc Software Version5.1.5-cucm

Cisco ≫ Telepresence Tc Software Version5.1.6

Cisco ≫ Telepresence Tc Software Version5.1.6-cucm

Cisco ≫ Telepresence Tc Software Version5.1.7

Cisco ≫ Telepresence Tc Software Version5.1.7-cucm

Cisco ≫ Telepresence Tc Software Version5.1_base

Cisco ≫ Telepresence Tc Software Version6.0.0

Cisco ≫ Telepresence Tc Software Version6.0.0-cucm

Cisco ≫ Telepresence Tc Software Version6.0.1

Cisco ≫ Telepresence Tc Software Version6.0.1-cucm

Cisco ≫ Telepresence Tc Software Version6.0.2

Cisco ≫ Telepresence Tc Software Version6.0_base

Cisco ≫ Telepresence Tc Software Version6.1.0

Cisco ≫ Telepresence Tc Software Version6.1.0-cucm

Cisco ≫ Telepresence Tc Software Version6.1.1

Cisco ≫ Telepresence Tc Software Version6.1.1-cucm

Cisco ≫ Telepresence Tc Software Version6.1.2

Cisco ≫ Telepresence Tc Software Version6.1.2-cucm

Cisco ≫ Telepresence Tc Software Version6.1_base

Cisco ≫ Telepresence Tc Software Version6.3.0

Cisco ≫ Telepresence Te Software Version6.0.0

Cisco ≫ Telepresence Te Software Version6.0.1

Cisco ≫ Telepresence Te Software Version6.0.2

Cisco ≫ Telepresence Te Software Version6.0_base

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.44

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.3	6.5	10	AV:A/AC:L/Au:N/C:C/I:C/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-2174

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-2174

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-2174

EUVD