Multiple Vulnerabilities in Cisco TelePresence Products

Network Hacking News / Stories Vulnerabilities

Cisco Logo1] Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

  • Unauthenticated Java Servlet Access
  • Unauthenticated Arbitrary File Upload
  • Cisco Discovery Protocol Remote Code Execution
  • Unauthorized Servlet Access
  • Java RMI Denial of Service
  • Real-Time Transport Control Protocol Denial of Service
  • XML-Remote Procedure Call (RPC) Denial of Service

Advisory : cisco-sa-20110223-telepresence-ctms

2] Multiple Vulnerabilities in Cisco TelePresence Manager

  • Simple Object Access Protocol (SOAP) Authentication Bypass
  • Java Remote Method Invocation (RMI) Command Injection
  • Cisco Discovery Protocol Remote Code Execution

Advisory : cisco-sa-20110223-telepresence-ctsman

3] Multiple Vulnerabilities in Cisco TelePresence Recording Server

  • Unauthenticated Java Servlet Access
  • Common Gateway Interface (CGI) Command Injection
  • Unauthenticated Arbitrary File Upload
  • XML-Remote Procedure Call (RPC) Arbitrary File Overwrite
  • Cisco Discovery Protocol Remote Code Execution
  • Ad Hoc Recording Denial of Service
  • Java Remote method Invocation (RMI) Denial of Service
  • Unauthenticated XML-RPC Interface

Advisory : cisco-sa-20110223-telepresence-ctrs

4] Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices

  • Unauthenticated Common Gateway Interface (CGI) Access
  • CGI Command Injection
  • TFTP Information Disclosure
  • Malicious IP Address Injection
  • XML-Remote Procedure Call (RPC) Command Injection
  • Cisco Discovery Protocol Remote Code Execution

Advisory : cisco-sa-20110223-telepresence-cts