CVE-2011-0383
published 2011-02-25

Priority: P262, critical, 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 6.47% (92.9th percentile)
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.

Affected

18 ranges
Vendor | Product | Version range | Fixed in
cisco | telepresence_multipoint_switch | |
cisco | telepresence_multipoint_switch_software (16 ranges) | |
cisco | telepresence_recording_server_software | |

Detection & IOCs (extracted from sources)

  • Monitor the Java Servlet framework on Cisco TelePresence Recording Server and CTMS devices: look for unauthenticated HTTP requests to administrative servlet endpoints (no auth headers or session tokens present) that trigger code-execution actions.
  • Track Cisco bug IDs CSCtf42005 and CSCtf42008 as the canonical identifiers for the unauthenticated servlet RCE issue on TelePresence Recording Server and CTMS respectively; use these for vendor patch correlation.
  • Cisco TelePresence Recording Server versions 1.6.x before 1.6.2 are vulnerable; upgrade to 1.6.2 or later to remediate the unauthenticated servlet issue.
  • Cisco TelePresence Multipoint Switch (CTMS) running software versions 1.0.x, 1.1.x, 1.5.x, and 1.6.x are all affected by the unauthenticated servlet RCE vulnerability.

CVSS provenance

Source | CVSS version | Score | Severity | Vector
nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco | | 10.0 | CRITICAL |