Информационная безопасность
[RU] switch to English


Уязвимости безопасности в Cisco TelePresence
дополнено с 19 июля 2013 г.
Опубликовано:12 августа 2013 г.
Источник:
SecurityVulns ID:13209
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, обратный путь в каталогах, неотключаемая скрытая учетная запись.
CVE:CVE-2013-3454 (Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.)
 CVE-2013-3379 (The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.)
 CVE-2013-3378 (Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.)
 CVE-2013-3377 (Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.)
Файлы:Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
 Cisco TelePresence System Default Credentials Vulnerability

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород