CVE-2011-0383
Published 2011-02-25
Priority: P262 · critical · 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 6.47% (92.9th percentile)
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | telepresence_multipoint_switch | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_multipoint_switch_software | — | — |
| cisco | telepresence_recording_server_software | — | — |
Detection & IOCs
- Monitor the Java Servlet framework on Cisco TelePresence Recording Server and CTMS devices: look for unauthenticated HTTP requests to administrative servlet endpoints (no auth headers or session tokens present) that trigger code execution actions.
- Track Cisco bug IDs CSCtf42005 and CSCtf42008 as the canonical identifiers for the unauthenticated servlet RCE issue on TelePresence Recording Server and CTMS respectively; use these for vendor patch correlation.
- Cisco TelePresence Recording Server versions 1.6.x before 1.6.2 are vulnerable; upgrade to 1.6.2 or later to remediate the unauthenticated servlet issue.
- Cisco TelePresence Multipoint Switch (CTMS) devices running software versions 1.0.x, 1.1.x, 1.5.x, and 1.6.x are all affected by the unauthenticated servlet RCE vulnerability.
CVSS provenance
nvd · v2.0 · 10.0 · CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco · 10.0 · CRITICAL
Cisco
Multiple Vulnerabilities in Cisco TelePresence Recording Server
vendor_cisco·2011-02-23·CVSS 10.0
CVE-2011-0382 [CRITICAL] CWE-264 Multiple Vulnerabilities in Cisco TelePresence Recording Server
Multiple vulnerabilities exist within the Cisco TelePresence Recording Server. This security advisory outlines details of the following vulnerabilities:
- Unauthenticated Java Servlet Access
- Common Gateway Interface (CGI) Command Injection
- Unauthenticated Arbitrary File Upload
- XML-Remote Procedure Call (RPC) Arbitrary File Overwrite
- Cisco Discovery Protocol Remote Code Execution
- Ad Hoc Recording Denial of Service
- Java Remote Method Invocation (RMI) Denial of Service
- Unauthenticated XML-RPC Interface
Duplicate Issue Identification in Other Cisco TelePresence Advisories
The Unauthenticated Java Servlet Access vulnerability affects the Cisco
TelePresence Multipoint Switch and Recording Server. The defect that is r
Cisco
Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
vendor_cisco
CVE-2011-0383 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
Multiple vulnerabilities exist within the Cisco TelePresence Multipoint Switch. This security advisory outlines
CWE: CWE-264, CWE-399
Bug IDs: CSCtf42008, CSCtf42005, CSCth61065, CSCth85786, CSCtd75754
GHSA
GHSA-7wrc-jf8c-7fmx: The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1
ghsa_unreviewed·2022-05-17
CVE-2011-0383 [HIGH] CWE-287 GHSA-7wrc-jf8c-7fmx: The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1
No detection rules found.
No public exploits indexed.
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml
- http://www.securityfocus.com/bid/46519
- http://www.securitytracker.com/id?1025113
- http://www.securitytracker.com/id?1025114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65602