NVD

Id
23120  
Name
CVE-2015-0660  
Description
Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2015-03-13  
Modified Date
2015-10-27  
Seq
2015-0660  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
122930 23120 CVE-2015-0660 20150312 Cisco Virtual TelePresence Server Serial Console Privileged Access  View
122931 23120 CVE-2015-0660 1031924  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6504 JVNDB-2015-001824 Cisco TelePresence Server on Virtual Machine のソフトウェアにおける root 権限で任意の OS コマンドを実行される脆弱性 Cisco TelePresence Server on Virtual Machine のソフトウェアは、シリアルポートの使用を適切に制限しないため、root 権限で任意の OS コマンドを実行される脆弱性が存在します。 CVE-2015-0660 77871 CVE-2015-0660 23120 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001824.html 2015-03-16 2015-03-17 View