CVE-2011-0392
Cisco TelePresence Recording Server 1.6.x - Unauthenticated XML-RPC Interface Access
Title source: llmDescription
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65609
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1025114
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46522
Scores
EPSS
0.0239
EPSS Percentile
81.8%
Details
CWE
CWE-287
Status
published
Products (4)
cisco/telepresence_recording_server
cisco/telepresence_recording_server_software
1.6.1
cisco/telepresence_recording_server_software
1.6.2
cisco/telepresence_recording_server_software
1.6.3
Published
Feb 25, 2011
Tracked Since
Feb 18, 2026