6.6
CVE-2019-15962
- EPSS 0.15%
- Published 16.10.2019 19:15:15
- Last modified 21.11.2024 04:29:49
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. The vulnerability is due to improper permission assignment. An attacker could exploit this vulnerability by logging in as the remotesupport user and writing files to the /root directory of an affected device.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Telepresence Collaboration Endpoint Version7.3.18
Cisco ≫ Webex Board 55 Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Telepresence Collaboration Endpoint Version8.3.7
Cisco ≫ Webex Board 55 Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Telepresence Collaboration Endpoint Version9.6.4
Cisco ≫ Webex Board 55 Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Telepresence Collaboration Endpoint Version9.7.2
Cisco ≫ Webex Board 55 Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Telepresence Collaboration Endpoint Version9.8.0
Cisco ≫ Webex Board 55 Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Cisco ≫ Webex Board 55s Version-
Cisco ≫ Webex Board 70 Version-
Cisco ≫ Webex Board 70s Version-
Cisco ≫ Webex Board 85s Version-
Cisco ≫ Webex Room 55 Version-
Cisco ≫ Webex Room 55 Dual Version-
Cisco ≫ Webex Room 70 Dual Version-
Cisco ≫ Webex Room 70 Dual G2 Version-
Cisco ≫ Webex Room 70 Single Version-
Cisco ≫ Webex Room 70 Single G2 Version-
Cisco ≫ Webex Room Kit Version-
Cisco ≫ Webex Room Kit Mini Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.327 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 6.6 | 3.9 | 9.2 |
AV:L/AC:L/Au:N/C:N/I:C/A:C
|
| psirt@cisco.com | 4.4 | 0.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
|
CWE-276 Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.