CVE-2012-3076

The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.

Published: Jul 12, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-3076
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
cisco / telepresence_recording_server	1.7.0(190)	1.7.0(190).x
cisco / telepresence_recording_server	1.7.2.1	1.7.2.1.x
cisco / telepresence_recording_server	1.6.1(2)	1.6.1(2).x
cisco / telepresence_recording_server	-	1.7.3\(3\).x
cisco / telepresence_recording_server	1.7.1(22)	1.7.1(22).x
cisco / telepresence_recording_server	1.6.3(4)	1.6.3(4).x
cisco / telepresence_recording_server	1.6.2(31)	1.6.2(31).x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs

Vulnerability Database

289,697

CVE-2012-3076