CVE-2011-0383
Cisco TelePresence Recording Server and Multipoint Switch - Unauthenticated Remote Code Execution
Title source: llmDescription
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46519
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025114
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65602
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025113
Scores
EPSS
0.0647
EPSS Percentile
92.9%
Details
CWE
CWE-287
Status
published
Products (19)
cisco/telepresence_multipoint_switch
cisco/telepresence_multipoint_switch_software
1.0.4.0
cisco/telepresence_multipoint_switch_software
1.1.0
cisco/telepresence_multipoint_switch_software
1.1.1
cisco/telepresence_multipoint_switch_software
1.1.2
cisco/telepresence_multipoint_switch_software
1.5.0
cisco/telepresence_multipoint_switch_software
1.5.1
cisco/telepresence_multipoint_switch_software
1.5.2
cisco/telepresence_multipoint_switch_software
1.5.3
cisco/telepresence_multipoint_switch_software
1.5.4
... and 9 more
Published
Feb 25, 2011
Tracked Since
Feb 18, 2026