Test ID:	1.3.6.1.4.1.25623.1.0.809729
Category:	CISCO
Title:	Cisco TelePresence CE and TC Software Command Injection Vulnerability (cisco-sa-20161102-tp)
Summary:	Cisco TelePresence Endpoint is prone to local command injection vulnerability.
Description:	Summary: Cisco TelePresence Endpoint is prone to local command injection vulnerability. Vulnerability Insight: The vulnerability is due to incomplete input sanitization of some commands. Vulnerability Impact: Successful exploitation will allow remote attackers to execute local shell commands with commands injected as parameters. Also the attacker can retrieve full information from the device including private keys. Affected Software/OS: All TelePresence endpoints running following CE or TC software are affected: Cisco TelePresence CE Software 8.1.0, Cisco TelePresence CE Software 8.0.0, Cisco TelePresence TC Software 7.3.0, Cisco TelePresence TC Software 7.3.1, Cisco TelePresence TC Software 7.3.2, Cisco TelePresence TC Software 7.3.3, Cisco TelePresence TC Software 7.1.0, Cisco TelePresence TC Software 7.1.1, Cisco TelePresence TC Software 7.1.2, Cisco TelePresence TC Software 7.1.3, Cisco TelePresence TC Software 7.1.4 Solution: Apply updates as available from vendor. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6459 BugTraq ID: 94075 http://www.securityfocus.com/bid/94075 http://www.securitytracker.com/id/1037187
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.