ID de Prueba:	1.3.6.1.4.1.25623.1.0.809729
Categoría:	CISCO
Título:	Cisco TelePresence CE and TC Software Command Injection Vulnerability (cisco-sa-20161102-tp)
Resumen:	Cisco TelePresence Endpoint is prone to local command injection vulnerability.
Descripción:	Summary: Cisco TelePresence Endpoint is prone to local command injection vulnerability. Vulnerability Insight: The vulnerability is due to incomplete input sanitization of some commands. Vulnerability Impact: Successful exploitation will allow remote attackers to execute local shell commands with commands injected as parameters. Also the attacker can retrieve full information from the device including private keys. Affected Software/OS: All TelePresence endpoints running following CE or TC software are affected: Cisco TelePresence CE Software 8.1.0, Cisco TelePresence CE Software 8.0.0, Cisco TelePresence TC Software 7.3.0, Cisco TelePresence TC Software 7.3.1, Cisco TelePresence TC Software 7.3.2, Cisco TelePresence TC Software 7.3.3, Cisco TelePresence TC Software 7.1.0, Cisco TelePresence TC Software 7.1.1, Cisco TelePresence TC Software 7.1.2, Cisco TelePresence TC Software 7.1.3, Cisco TelePresence TC Software 7.1.4 Solution: Apply updates as available from vendor. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6459 BugTraq ID: 94075 http://www.securityfocus.com/bid/94075 http://www.securitytracker.com/id/1037187
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.