{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-22T00:00:00", "descriptions": [{"lang": "en", "value": "The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "102362", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102362"}, {"name": "20140122 Cisco TelePresence System Software Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts"}, {"name": "cisco-telepresence-cve20140661-command-exec(90624)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90624"}, {"name": "65071", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65071"}, {"name": "56533", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56533"}, {"name": "1029656", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029656"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2014-0661", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "102362", "refsource": "OSVDB", "url": "http://osvdb.org/102362"}, {"name": "20140122 Cisco TelePresence System Software Command Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts"}, {"name": "cisco-telepresence-cve20140661-command-exec(90624)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90624"}, {"name": "65071", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65071"}, {"name": "56533", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56533"}, {"name": "1029656", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029656"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2014-0661", "datePublished": "2014-01-22T21:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F08637F-59D9-400D-B9C4-0EC13C8F8A7F", "versionEndIncluding": "1.10.1\\(43\\)", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*", "matchCriteriaId": "C68D879E-4522-4069-84B7-ED7C511B9D05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*", "matchCriteriaId": "43DB9A3E-F495-4D22-874F-DDFB73C07534", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "2177AF2B-BF5C-431C-8899-88ECC4E91BC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*", "matchCriteriaId": "F2DBBADC-6367-4F75-9F58-E42A05AC992C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*", "matchCriteriaId": "CFEAB6C5-3B65-42D0-B597-0322D9F57C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*", "matchCriteriaId": "FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "62CBB917-651A-4EB8-842D-0BEA708A1BFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.4\\(13\\):*:*:*:*:*:*:*", "matchCriteriaId": "8BBAAC16-A2BE-4D8D-8DEA-9FD4BDA7E17B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.5\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "8819E5D6-F369-4BD2-A816-94F7A919C4B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*", "matchCriteriaId": "34508470-64C3-4A99-BBB0-169AFA3BE50B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.1\\(68\\):*:*:*:*:*:*:*", "matchCriteriaId": "E6570B01-07EB-425B-91E7-70517889A462", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.2\\(19\\):*:*:*:*:*:*:*", "matchCriteriaId": "68710E69-4FD8-4FED-9D7B-CE7317982E2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.3\\(44\\):*:*:*:*:*:*:*", "matchCriteriaId": "00737930-5F3C-4274-9633-00B3837ED6BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.4\\(19\\):*:*:*:*:*:*:*", "matchCriteriaId": "995E5365-B6C3-4A4A-9F14-EADD27C8B9B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.5\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "20831FBF-99C9-4B02-A577-6D28CC2983DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "34600183-7CCF-4424-8887-8EC9ADD1B09E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "53734B19-352E-40F4-9A7C-E1A545B511FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4E70952-7132-4F2B-932F-56FAD2A89A96", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0\\(259\\):*:*:*:*:*:*:*", "matchCriteriaId": "0B3E2221-6FA5-4ABB-9102-414430E4865B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "F861192D-6138-49D2-BF8A-2D10B863253A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_system_1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A859689-4C45-4274-A46E-21CFC82EE4E6", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_1300-65:-:*:*:*:*:*:*:*", "matchCriteriaId": "63DF9134-97F0-4E13-ADB8-C40D67681EAA", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_3000:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC14CB1A-DE5C-4877-8FFB-DF2FA1ADE176", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_3010:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EF6B03F-670A-4604-8B4F-1F05B146E36A", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_3200:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC220DAD-E967-4CC5-9C13-6A5AE98D79EF", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_3210:*:*:*:*:*:*:*:*", "matchCriteriaId": "A13ACECA-121B-4D77-AB54-F579CF67098B", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_500-37:-:*:*:*:*:*:*:*", "matchCriteriaId": "16C8B085-E37B-4440-9DAD-EA1702D79A5E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "39E38912-F6E7-41F9-B113-C1B27AEF455F", "versionEndIncluding": "6.0.3\\(33\\)", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "8C315F74-11D0-42EF-84F7-A9747A8C03E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.1\\(50\\):*:*:*:*:*:*:*", "matchCriteriaId": "18516CB9-5EE8-4CC3-ACC3-6A0DF29D1D4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.2\\(28\\):*:*:*:*:*:*:*", "matchCriteriaId": "A03B63BB-9DE1-41F9-A993-8295C368F611", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.1.0\\(90\\):*:*:*:*:*:*:*", "matchCriteriaId": "328C698B-0ABE-45C2-A2B1-91D9A42C8374", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_system_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "24395007-C981-4CE9-92EB-29DBBF8F481E", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_500-32:-:*:*:*:*:*:*:*", "matchCriteriaId": "E530C9D1-8ACD-4B32-A96D-60E94916A872", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1300_47:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0CEC335-24DB-4C7E-B138-D566C95FB30E", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_tx1310_65:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FCAAE92-6F2E-4F11-A240-D5EC67974424", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "911B3EBA-5640-458A-B18A-FAC1309F37FB", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DCEB3C5-6C28-4D91-900E-98F0DC02478E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796."}, {"lang": "es", "value": "El System Status Collection Daemon (SSCD) de Cisco TelePresence System 500-37, 1000, 1300-65, y 3xxx anterior a la versi\u00f3n 1.10.2(42), y 500-32, 1300-47, TX1310 65, y TX9xxx anterior a la versi\u00f3n 6.0.4(11), permite a atacantes remotos ejecutar comandos arbitrarios para provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria de la pila) a trav\u00e9s de un mensaje XML-RPC manipulado, tambi\u00e9n conocido como Bug ID CSCui32796."}], "id": "CVE-2014-0661", "lastModified": "2017-08-29T01:34:14.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-22T21:55:03.560", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/102362"}, {"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/56533"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/65071"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029656"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90624"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}