CVE-2012-3075
UnknownEPSS 2.17%
Last modified
CVE-2012-3075 is a vulnerability of currently unknown severity. The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.. EPSS estimates a 2.17% chance of exploitation in the next 30 days.
Description
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence System Software | <= 1.7.2\(4937\) |
| Cisco | Telepresence System Software | 1.2.3\(1101\) |
| Cisco | Telepresence System Software | 1.3.2\(1393\) |
| Cisco | Telepresence System Software | 1.4.7\(2229\) |
| Cisco | Telepresence System Software | 1.5.1\(2082\) |
| Cisco | Telepresence System Software | 1.5.3\(2115\) |
| Cisco | Telepresence System Software | 1.5.10\(3648\) |
| Cisco | Telepresence System Software | 1.5.11\(3659\) |
| Cisco | Telepresence System Software | 1.5.12\(3701\) |
| Cisco | Telepresence System Software | 1.5.13\(3717\) |
| Cisco | Telepresence System Software | 1.6.0\(3954\) |
| Cisco | Telepresence System Software | 1.6.2\(4023\) |
| Cisco | Telepresence System Software | 1.6.3\(4042\) |
| Cisco | Telepresence System Software | 1.6.4\(4072\) |
| Cisco | Telepresence System Software | 1.6.5\(4097\) |
| Cisco | Telepresence System Software | 1.6.6\(4109\) |
| Cisco | Telepresence System Software | 1.6.7\(4212\) |
| Cisco | Telepresence System Software | 1.6.8\(4222\) |
| Cisco | Telepresence System Software | 1.7.0.1\(4764\) |
| Cisco | Telepresence System Software | 1.7.0.2\(4719\) |
| Cisco | Telepresence System Software | 1.7.1\(4864\) |
| Cisco | Telepresence System Software | 1.7.2.1\(2\) |
| Cisco | Telepresence System 1300 65 | All versions |
| Cisco | Telepresence System 3000 | All versions |
| Cisco | Telepresence System 3010 | All versions |
| Cisco | Telepresence System 3200 | All versions |
| Cisco | Telepresence System 3210 | All versions |
| Cisco | Telepresence System T3 | All versions |
| Cisco | Telepresence System Tx1300 47 | All versions |
| Cisco | Telepresence System Tx1310 65 | All versions |
| Cisco | Telepresence System Tx9000 | All versions |
| Cisco | Telepresence System Tx9200 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-3075?
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
How severe is CVE-2012-3075?
Severity scoring for CVE-2012-3075 is pending analysis. The EPSS model estimates a 2.17% probability of exploitation in the next 30 days.
How do I fix CVE-2012-3075?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2012-3075?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST