CVE-2014-2174

Published: May 25, 2015Modified: May 6, 2026

8.3

Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 6.5 / Impact: 10.0

Source: NVD

Description

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

Affected (44)

Products: Cisco: Telepresence Tc Software, Telepresence Te Software

Cisco

2 products

Telepresence Tc Software

Telepresence Te Software

Configuration A

44 vulnerable

Vulnerable Software	Affected Versions
Cisco Telepresence Tc Software	Version 3.1.5
Cisco Telepresence Tc Software	Version 3.1_base
Cisco Telepresence Tc Software	Version 4.1.0
Cisco Telepresence Tc Software	Version 4.1.1
Cisco Telepresence Tc Software	Version 4.1.2
Cisco Telepresence Tc Software	Version 4.1_base
Cisco Telepresence Tc Software	Version 4.2.0
Cisco Telepresence Tc Software	Version 4.2.1
Cisco Telepresence Tc Software	Version 4.2.2
Cisco Telepresence Tc Software	Version 4.2.3
Cisco Telepresence Tc Software	Version 4.2.4
Cisco Telepresence Tc Software	Version 4.2_base
Cisco Telepresence Tc Software	Version 5.0.2-cucm
Cisco Telepresence Tc Software	Version 5.0.2
Cisco Telepresence Tc Software	Version 5.0_base
Cisco Telepresence Tc Software	Version 5.1.3-cucm
Cisco Telepresence Tc Software	Version 5.1.3
Cisco Telepresence Tc Software	Version 5.1.4-cucm
Cisco Telepresence Tc Software	Version 5.1.4
Cisco Telepresence Tc Software	Version 5.1.5-cucm
Cisco Telepresence Tc Software	Version 5.1.5
Cisco Telepresence Tc Software	Version 5.1.6-cucm
Cisco Telepresence Tc Software	Version 5.1.6
Cisco Telepresence Tc Software	Version 5.1.7-cucm
Cisco Telepresence Tc Software	Version 5.1.7
Cisco Telepresence Tc Software	Version 5.1_base
Cisco Telepresence Tc Software	Version 6.0.0-cucm
Cisco Telepresence Tc Software	Version 6.0.0
Cisco Telepresence Tc Software	Version 6.0.1-cucm
Cisco Telepresence Tc Software	Version 6.0.1
Cisco Telepresence Tc Software	Version 6.0.2
Cisco Telepresence Tc Software	Version 6.0_base
Cisco Telepresence Tc Software	Version 6.1.0-cucm
Cisco Telepresence Tc Software	Version 6.1.0
Cisco Telepresence Tc Software	Version 6.1.1-cucm
Cisco Telepresence Tc Software	Version 6.1.1
Cisco Telepresence Tc Software	Version 6.1.2-cucm
Cisco Telepresence Tc Software	Version 6.1.2
Cisco Telepresence Tc Software	Version 6.1_base
Cisco Telepresence Tc Software	Version 6.3.0
Cisco Telepresence Te Software	Version 6.0.0
Cisco Telepresence Te Software	Version 6.0.1
Cisco Telepresence Te Software	Version 6.0.2
Cisco Telepresence Te Software	Version 6.0_base

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.