Strix
26.1K

CVE-2015-0713

UnknownEPSS 2.89%

Last modified

CVE-2015-0713 is a vulnerability of currently unknown severity. The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.. EPSS estimates a 2.89% chance of exploitation in the next 30 days.

Description

The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.

Metrics

EPSS Probability
2.89%

85.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoTelepresence Advanced Media Gateway1.0\(.1.13\)
CiscoTelepresence Advanced Media Gateway1.1\(.1.14\)
CiscoTelepresence Advanced Media Gateway1.1\(1.34\)
CiscoTelepresence Ip Gateway2.0.1.7
CiscoTelepresence Ip Gateway2.0.1.11
CiscoTelepresence Ip Gateway2.0.3.34
CiscoTelepresence Ip Vcr 1.0 Converter1.0\(1.9\)
CiscoTelepresence Ip Vcr 2.41.2
CiscoTelepresence Ip Vcr 3.01.22
CiscoTelepresence Ip Vcr 3.01.24
CiscoTelepresence Isdn Gw 32412.0\(1.51\)
CiscoTelepresence Isdn Gw 32412.1\(1.22\)
CiscoTelepresence Isdn Gw 32412.1\(1.43\)
CiscoTelepresence Isdn Gw 32412.1\(1.49\)
CiscoTelepresence Isdn Gw 32412.1\(1.56\)
CiscoTelepresence Mcu Software4.1\(1.51\)
CiscoTelepresence Mcu Software4.1\(1.59\)
CiscoTelepresence Mcu Software4.2\(1.43\)
CiscoTelepresence Mcu Software4.2\(1.46\)
CiscoTelepresence Mcu Software4.2\(1.50\)
CiscoTelepresence Mcu Software4.3\(1.68\)
CiscoTelepresence Mcu Software4.3\(2.18\)
CiscoTelepresence Mcu Software4.3\(2.30\)
CiscoTelepresence Mcu Software4.3\(2.32\)
CiscoTelepresence Mcu Software4.4\(3.42\)
CiscoTelepresence Mcu Software4.4\(3.49\)
CiscoTelepresence Serial Gateway1.0.1.23
CiscoTelepresence Serial Gateway1.0.1.34
CiscoTelepresence Serial Gateway1.0.1.38
CiscoTelepresence Server Software2.1\(1.33\)
CiscoTelepresence Server Software2.1\(1.37\)
CiscoTelepresence Server Software2.2\(1.43\)
CiscoTelepresence Server Software2.2\(1.48\)
CiscoTelepresence Server Software2.2\(1.54\)
CiscoTelepresence Server Software2.3\(1.55\)
CiscoTelepresence Server Software2.3\(1.57\)
CiscoTelepresence Server Software3.0\(2.24\)
CiscoTelepresence Server Software4.0\(1.57\)
CiscoTelepresence Server Software4.0\(2.8\)
CiscoTelepresence Supervisor Mse 8050 Software2.1\(1.18\)
CiscoTelepresence Supervisor Mse 8050 Software2.2\(1.17\)
CiscoTelepresence Supervisor Mse 8050 Software2.3\(1.32\)

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2015-0713?
The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.
How severe is CVE-2015-0713?
Severity scoring for CVE-2015-0713 is pending analysis. The EPSS model estimates a 2.89% probability of exploitation in the next 30 days.
How do I fix CVE-2015-0713?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-0713?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST