ID
VAR-201608-0240
CVE
CVE-2016-1468
TITLE
Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability
Trust: 0.9
sources:
BID: 92274 //
CNNVD: CNNVD-201608-178
DESCRIPTION
The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531. Successfully exploiting this issue may allow an attacker to execute arbitrary commands on the affected device. This issue is being tracked by Cisco Bug ID CSCuv12531
Trust: 1.98
sources:
NVD: CVE-2016-1468 //
JVNDB: JVNDB-2016-004342 //
BID: 92274 //
VULHUB: VHN-90287
AFFECTED PRODUCTS
| vendor: | cisco | model: | telepresence video communication server | scope: | eq | version: | x8.5.2 | Trust: 1.6 |
| vendor: | cisco | model: | telepresence video communication server software | scope: | eq | version: | expressway x8.5.2 | Trust: 0.8 |
| vendor: | cisco | model: | telepresence video communication server expressway | scope: | eq | version: | x8.5.2 | Trust: 0.3 |
sources:
BID: 92274 //
JVNDB: JVNDB-2016-004342 //
CNNVD: CNNVD-201608-178 //
NVD: CVE-2016-1468
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-90287 //
JVNDB: JVNDB-2016-004342 //
CNNVD: CNNVD-201608-178 //
NVD: CVE-2016-1468
PROBLEMTYPE DATA
| problemtype: | CWE-78 | Trust: 1.9 |
sources:
VULHUB: VHN-90287 //
JVNDB: JVNDB-2016-004342 //
NVD: CVE-2016-1468
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201608-178
TYPE
operating system commend injection
Trust: 0.6
sources:
CNNVD: CNNVD-201608-178
CONFIGURATIONS
sources:
JVNDB: JVNDB-2016-004342
PATCH
| title: | cisco-sa-20160803-vcse | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-vcse | Trust: 0.8 |
| title: | Cisco TelePresence Video Communication Server Expressway Fixes for command injection vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63569 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2016-004342 //
CNNVD: CNNVD-201608-178
EXTERNAL IDS
| db: | NVD | id: | CVE-2016-1468 | Trust: 2.8 |
| db: | BID | id: | 92274 | Trust: 1.4 |
| db: | SECTRACK | id: | 1036529 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2016-004342 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201608-178 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-90287 | Trust: 0.1 |
sources:
VULHUB: VHN-90287 //
BID: 92274 //
JVNDB: JVNDB-2016-004342 //
CNNVD: CNNVD-201608-178 //
NVD: CVE-2016-1468
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160803-vcse | Trust: 2.0 |
| url: | http://www.securityfocus.com/bid/92274 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id/1036529 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1468 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1468 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
sources:
VULHUB: VHN-90287 //
BID: 92274 //
JVNDB: JVNDB-2016-004342 //
CNNVD: CNNVD-201608-178 //
NVD: CVE-2016-1468
CREDITS
Cisco
Trust: 0.3
sources:
BID: 92274
SOURCES
| db: | VULHUB | id: | VHN-90287 |
| db: | BID | id: | 92274 |
| db: | JVNDB | id: | JVNDB-2016-004342 |
| db: | CNNVD | id: | CNNVD-201608-178 |
| db: | NVD | id: | CVE-2016-1468 |
LAST UPDATE DATE
2024-11-23T23:12:35.519000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-90287 | date: | 2017-08-16T00:00:00 |
| db: | BID | id: | 92274 | date: | 2016-08-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-004342 | date: | 2016-08-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201608-178 | date: | 2016-08-08T00:00:00 |
| db: | NVD | id: | CVE-2016-1468 | date: | 2024-11-21T02:46:30 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-90287 | date: | 2016-08-08T00:00:00 |
| db: | BID | id: | 92274 | date: | 2016-08-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-004342 | date: | 2016-08-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201608-178 | date: | 2016-08-08T00:00:00 |
| db: | NVD | id: | CVE-2016-1468 | date: | 2016-08-08T00:59:06.577 |