CVE-2014-0661

Cisco TelePresence System Software < 1.10.2(42) and < 6.0.4(11) - Remote Code Execution via XML-RPC Message

Title source: llm
STIX 2.1

Description

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/102362
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90624
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/65071
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/56533
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029656

Scores

EPSS 0.0230
EPSS Percentile 81.2%

Details

CWE
CWE-94
Status published
Products (38)
cisco/telepresence_system_1000
cisco/telepresence_system_1100
cisco/telepresence_system_1300-65
cisco/telepresence_system_3000
cisco/telepresence_system_3010
cisco/telepresence_system_3200
cisco/telepresence_system_3210
cisco/telepresence_system_500-32
cisco/telepresence_system_500-37
cisco/telepresence_system_software 1.5.10\(3648\)
... and 28 more
Published Jan 22, 2014
Tracked Since Feb 18, 2026