CVE-2011-0384
First published: Fri Feb 25 2011(Updated: )
The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Multipoint Switch software | =1.0.4.0 | |
| Cisco TelePresence Multipoint Switch software | =1.1.0 | |
| Cisco TelePresence Multipoint Switch software | =1.1.1 | |
| Cisco TelePresence Multipoint Switch software | =1.1.2 | |
| Cisco TelePresence Multipoint Switch software | =1.5.0 | |
| Cisco TelePresence Multipoint Switch software | =1.5.1 | |
| Cisco TelePresence Multipoint Switch software | =1.5.2 | |
| Cisco TelePresence Multipoint Switch software | =1.5.3 | |
| Cisco TelePresence Multipoint Switch software | =1.5.4 | |
| Cisco TelePresence Multipoint Switch software | =1.5.5 | |
| Cisco TelePresence Multipoint Switch software | =1.5.6 | |
| Cisco TelePresence Multipoint Switch software | =1.6.0 | |
| Cisco TelePresence Multipoint Switch software | =1.6.1 | |
| Cisco TelePresence Multipoint Switch software | =1.6.2 | |
| Cisco TelePresence Multipoint Switch software | =1.6.3 | |
| Cisco TelePresence Multipoint Switch software | =1.6.4 | |
| Cisco TelePresence Multipoint Switch software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-0384?
CVE-2011-0384 is classified as a critical vulnerability due to its potential for allowing remote code execution without authentication.
How do I fix CVE-2011-0384?
To mitigate CVE-2011-0384, it is recommended to upgrade the Cisco TelePresence Multipoint Switch software to a version that is not affected by this vulnerability.
Which Cisco TelePresence Multipoint Switch software versions are affected by CVE-2011-0384?
CVE-2011-0384 affects Cisco TelePresence Multipoint Switch software versions 1.0.x, 1.1.x, 1.5.x, and 1.6.x.
What risks does CVE-2011-0384 pose to my network?
CVE-2011-0384 can allow attackers to execute arbitrary code, potentially leading to unauthorized access and data breaches.
Is there a patch available for CVE-2011-0384?
Yes, Cisco has released patches that can be applied to the affected software versions to address the vulnerabilities in CVE-2011-0384.
- collector/nvd-historical
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco telepresence multipoint switch software
- version/cisco telepresence multipoint switch software/1.0.4.0
- version/cisco telepresence multipoint switch software/1.1.0
- version/cisco telepresence multipoint switch software/1.1.1
- version/cisco telepresence multipoint switch software/1.1.2
- version/cisco telepresence multipoint switch software/1.5.0
- version/cisco telepresence multipoint switch software/1.5.1
- version/cisco telepresence multipoint switch software/1.5.2
- version/cisco telepresence multipoint switch software/1.5.3
- version/cisco telepresence multipoint switch software/1.5.4
- version/cisco telepresence multipoint switch software/1.5.5
- version/cisco telepresence multipoint switch software/1.5.6
- version/cisco telepresence multipoint switch software/1.6.0
- version/cisco telepresence multipoint switch software/1.6.1
- version/cisco telepresence multipoint switch software/1.6.2
- version/cisco telepresence multipoint switch software/1.6.3
- version/cisco telepresence multipoint switch software/1.6.4