Cisco TelePresence System Software Command Execution

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote device may be affected by a command execution

Description :

According to the self-reported device name of the remote device, it may
be a Cisco TelePresence System device. Nessus cannot determine the
version of the software running on this device, but it may be affected
by a vulnerability that could allow an unauthorized user to execute
arbitrary commands via a specially crafted XML remote procedure call.

See also :

Solution :

Upgrade to the appropriate software version per the vendor's

Risk factor :

High / CVSS Base Score : 8.3
CVSS Temporal Score : 7.2
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 72183 ()

Bugtraq ID: 65071

CVE ID: CVE-2014-0661