CVE-2011-0392

Description

Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.

Affected products

• Cisco / telepresence_recording_server
• Cisco / telepresence_recording_server_software1.6.1 – 1.6.1
• Cisco / telepresence_recording_server_software1.6.2 – 1.6.2
• Cisco / telepresence_recording_server_software1.6.3 – 1.6.3

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/65609
• VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml
• MISChttp://www.securitytracker.com/id?1025114
• MISChttp://www.securityfocus.com/bid/46522