This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2011-02-25
Product Telepresence Manager Last view 2011-02-25
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:cisco:telepresence_manager:1.3.2:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.4.0:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.2.0.0:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.6.2:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.5.1:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.5.2:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.6.5:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.6.0:*:*:*:*:*:*:* 2
cpe:2.3:a:cisco:telepresence_manager:1.6.3:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
10 2011-02-25 CVE-2011-0381

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085.

7.5 2011-02-25 CVE-2011-0380

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-287 Improper Authentication
50% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Open Source Vulnerability Database (OSVDB)

id Description
72596 Cisco TelePresence Java RMI Interface Unspecified Remote Command Injection
72595 Cisco TelePresence Crafted SOAP Request Authentication Bypass