Test Kennung:	1.3.6.1.4.1.25623.1.0.809729
Kategorie:	CISCO
Titel:	Cisco TelePresence CE and TC Software Command Injection Vulnerability (cisco-sa-20161102-tp)
Zusammenfassung:	Cisco TelePresence Endpoint is prone to local command injection vulnerability.
Beschreibung:	Summary: Cisco TelePresence Endpoint is prone to local command injection vulnerability. Vulnerability Insight: The vulnerability is due to incomplete input sanitization of some commands. Vulnerability Impact: Successful exploitation will allow remote attackers to execute local shell commands with commands injected as parameters. Also the attacker can retrieve full information from the device including private keys. Affected Software/OS: All TelePresence endpoints running following CE or TC software are affected: Cisco TelePresence CE Software 8.1.0, Cisco TelePresence CE Software 8.0.0, Cisco TelePresence TC Software 7.3.0, Cisco TelePresence TC Software 7.3.1, Cisco TelePresence TC Software 7.3.2, Cisco TelePresence TC Software 7.3.3, Cisco TelePresence TC Software 7.1.0, Cisco TelePresence TC Software 7.1.1, Cisco TelePresence TC Software 7.1.2, Cisco TelePresence TC Software 7.1.3, Cisco TelePresence TC Software 7.1.4 Solution: Apply updates as available from vendor. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6459 BugTraq ID: 94075 http://www.securityfocus.com/bid/94075 http://www.securitytracker.com/id/1037187
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.