CVE-2011-0383

Cisco Telepresence Recording Server Software - Authentication Bypass

Title source: rule

Description

The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008.

References (6)

Scores

EPSS 0.0470
EPSS Percentile 89.2%

Classification

CWE
CWE-287
Status draft

Affected Products (19)

cisco/telepresence_recording_server_software
cisco/telepresence_recording_server
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
cisco/telepresence_multipoint_switch_software
... and 4 more

Timeline

Published Feb 25, 2011
Tracked Since Feb 18, 2026