CVE-2015-0584

Published: Feb 20, 2015Modified: May 6, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947.

Affected (1)

Products: Cisco: Desktop Collaboration Experience Dx650

Cisco

1 product

Desktop Collaboration Experience Dx650

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Desktop Collaboration Experience Dx650	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0584

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/72696

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0584

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/72696

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.