CVE-2013-3379
Severity Score
8.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.
El subsistema de firewall en Cisco TelePresence TC Software anterior a v4.2 no implementa correctamente reglas que conceden el acceso a los hosts, lo que permite a atacantes remotos obtener shell con privilegios de root mediante el aprovechamiento de la conectividad a la red de gestión, también conocido como Bug ID CSCts37781.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-05-06 CVE Reserved
- 2013-06-21 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc | 2013-06-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Telepresence Tc Software Search vendor "Cisco" for product "Telepresence Tc Software" | <= 4.1.2 Search vendor "Cisco" for product "Telepresence Tc Software" and version " <= 4.1.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Telepresence Tc Software Search vendor "Cisco" for product "Telepresence Tc Software" | 4.0.0 Search vendor "Cisco" for product "Telepresence Tc Software" and version "4.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Telepresence Tc Software Search vendor "Cisco" for product "Telepresence Tc Software" | 4.0.1 Search vendor "Cisco" for product "Telepresence Tc Software" and version "4.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Telepresence Tc Software Search vendor "Cisco" for product "Telepresence Tc Software" | 4.0.4 Search vendor "Cisco" for product "Telepresence Tc Software" and version "4.0.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Telepresence Tc Software Search vendor "Cisco" for product "Telepresence Tc Software" | 4.1.1 Search vendor "Cisco" for product "Telepresence Tc Software" and version "4.1.1" | - |
Affected
| ||||||