File Overwrite Vulnerability in Cisco TelePresence Recording Server
CVE-2011-0386

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Recording Server Software; Telepresence Recording Server
Vendor: CVE Published:; 25 February 2011

Summary

The XML-RPC implementation in Cisco TelePresence Recording Server versions 1.6.x and 1.7.x prior to 1.7.1 is vulnerable to a file overwrite attack. This vulnerability allows remote attackers to send specially crafted requests that can overwrite existing files on the server. The result is the potential execution of arbitrary code, which poses a significant threat to the confidentiality and integrity of the system. Organizations using affected versions are advised to update to version 1.7.1 or later to mitigate this risk. For more information, consult Cisco's security advisory.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/65605

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1025114

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011