Strix
26.1K

CVE-2014-2174

UnknownEPSS 0.96%

Last modified

CVE-2014-2174 is a vulnerability of currently unknown severity. Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.. EPSS estimates a 0.96% chance of exploitation in the next 30 days.

Description

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

Metrics

EPSS Probability
0.96%

56.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoTelepresence Tc Software3.1.5
CiscoTelepresence Tc Software3.1_base
CiscoTelepresence Tc Software4.1.0
CiscoTelepresence Tc Software4.1.1
CiscoTelepresence Tc Software4.1.2
CiscoTelepresence Tc Software4.1_base
CiscoTelepresence Tc Software4.2.0
CiscoTelepresence Tc Software4.2.1
CiscoTelepresence Tc Software4.2.2
CiscoTelepresence Tc Software4.2.3
CiscoTelepresence Tc Software4.2.4
CiscoTelepresence Tc Software4.2_base
CiscoTelepresence Tc Software5.0.2
CiscoTelepresence Tc Software5.0.2-cucm
CiscoTelepresence Tc Software5.0_base
CiscoTelepresence Tc Software5.1.3
CiscoTelepresence Tc Software5.1.3-cucm
CiscoTelepresence Tc Software5.1.4
CiscoTelepresence Tc Software5.1.4-cucm
CiscoTelepresence Tc Software5.1.5
CiscoTelepresence Tc Software5.1.5-cucm
CiscoTelepresence Tc Software5.1.6
CiscoTelepresence Tc Software5.1.6-cucm
CiscoTelepresence Tc Software5.1.7
CiscoTelepresence Tc Software5.1.7-cucm
CiscoTelepresence Tc Software5.1_base
CiscoTelepresence Tc Software6.0.0
CiscoTelepresence Tc Software6.0.0-cucm
CiscoTelepresence Tc Software6.0.1
CiscoTelepresence Tc Software6.0.1-cucm
CiscoTelepresence Tc Software6.0.2
CiscoTelepresence Tc Software6.0_base
CiscoTelepresence Tc Software6.1.0
CiscoTelepresence Tc Software6.1.0-cucm
CiscoTelepresence Tc Software6.1.1
CiscoTelepresence Tc Software6.1.1-cucm
CiscoTelepresence Tc Software6.1.2
CiscoTelepresence Tc Software6.1.2-cucm
CiscoTelepresence Tc Software6.1_base
CiscoTelepresence Tc Software6.3.0
CiscoTelepresence Te Software6.0.0
CiscoTelepresence Te Software6.0.1
CiscoTelepresence Te Software6.0.2
CiscoTelepresence Te Software6.0_base

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2014-2174?
Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.
How severe is CVE-2014-2174?
Severity scoring for CVE-2014-2174 is pending analysis. The EPSS model estimates a 0.96% probability of exploitation in the next 30 days.
How do I fix CVE-2014-2174?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-2174?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST