Unauthorized Access in Cisco TelePresence Recording Server XML-RPC Interface
CVE-2011-0392

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Recording Server Software; Telepresence Recording Server
Vendor: CVE Published:; 25 February 2011

Summary

The Cisco TelePresence Recording Server software version 1.6.x contains a security bypass vulnerability that permits unauthorized remote access through an unsecured XML-RPC interface on TCP port 8080. This flaw allows attackers to perform various unauthorized actions, posing a risk to the integrity and confidentiality of the system. Implementing authentication measures for this interface is crucial to protect the device from potential exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65609

vdb-entryx_refsource_XF

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1025114

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011