CVE Vulnerabilities

CVE-2011-4659

Published: Jan 19, 2012 | Modified: Feb 10, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.

Affected Software

Name Vendor Start Version End Version
Telepresence_e20_software Cisco * te4.1.1-cucm (including)
Telepresence_e20_software Cisco te2.2 (including) te2.2 (including)
Telepresence_e20_software Cisco te2.2.1 (including) te2.2.1 (including)
Telepresence_e20_software Cisco te4.0.0 (including) te4.0.0 (including)
Telepresence_e20_software Cisco te4.1.0 (including) te4.1.0 (including)
Telepresence_e20_software Cisco te4.1.1 (including) te4.1.1 (including)
Telepresence_e20_software Cisco tenc4.0.0 (including) tenc4.0.0 (including)
Telepresence_e20_software Cisco tenc4.1.0 (including) tenc4.1.0 (including)
Telepresence_e20_software Cisco tenc4.1.1 (including) tenc4.1.1 (including)
Telepresence_e20_software Cisco tenc4.1.1-cucm (including) tenc4.1.1-cucm (including)

References