Privilege Escalation Vulnerability in Cisco TelePresence Software
CVE-2014-2173

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Te Software
Vendor: CVE Published:; 2 May 2014

Summary

Cisco TelePresence TC Software versions 4.x and 5.x, along with TE Software versions 4.x and 6.0, have an access control vulnerability that fails to adequately restrict access to the serial port. This flaw allows local users to execute unspecified commands, potentially leading to unauthorized privilege escalation. Organizations utilizing these software versions should evaluate their exposure to this vulnerability and apply necessary mitigations to safeguard their systems.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 2, 2014
Vulnerability Reserved
Feb 25, 2014