CVE-2011-0381

Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085.

Published: Feb 25, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0381
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
cisco / telepresence_manager	1.5.1	1.5.1.x
cisco / telepresence_manager	1.6.0	1.6.0.x
cisco / telepresence_manager	1.6.3	1.6.3.x
cisco / telepresence_manager	1.4.0	1.4.0.x
cisco / telepresence_manager	1.6.2	1.6.2.x
cisco / telepresence_manager	1.5.2	1.5.2.x
cisco / telepresence_manager	1.6.5	1.6.5.x
cisco / telepresence_manager	1.2.0.0	1.2.0.0.x
cisco / telepresence_manager	1.3.2	1.3.2.x

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml
http://www.securityfocus.com/bid/46526
http://www.securitytracker.com/id?1025111
https://exchange.xforce.ibmcloud.com/vulnerabilities/65619

Vulnerability Database

289,784

CVE-2011-0381