CVE-2011-0380

CWE-287 — Improper Authentication CWE-3994 documents4 sources

Severity

7.5HIGH

EPSS

0.5%

top 35.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Telepresence Manager

Timeline

PublishedFeb 25

Latest updateMay 17

Description

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/telepresence_manager9 versions+8

🔴Vulnerability Details

GHSA

GHSA-8cpj-p4g2-v3pc: Cisco TelePresence Manager 1↗2022-05-17

▶

CVEList

CVE-2011-0380: Cisco TelePresence Manager 1↗2011-02-25

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco TelePresence Manager↗2011-02-23

▶