Cisco TelePresence System Software Command Execution

high Nessus Plugin ID 72183


The remote device may be affected by a command execution vulnerability.


According to the self-reported device name of the remote device, it may be a Cisco TelePresence System device. Nessus cannot determine the version of the software running on this device, but it may be affected by a vulnerability that could allow an unauthorized user to execute arbitrary commands via a specially crafted XML remote procedure call.


Upgrade to the appropriate software version per the vendor's advisory.

See Also

Plugin Details

Severity: High

ID: 72183

File Name: cisco-sa-20140122-cts.nasl

Version: 1.7

Type: remote

Family: CISCO

Published: 1/28/2014

Updated: 11/15/2018

Configuration: Enable paranoid mode

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:telepresence_system_software

Required KB Items: Settings/ParanoidReport, Cisco/TelePresence_System/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/22/2014

Vulnerability Publication Date: 1/22/2014

Reference Information

CVE: CVE-2014-0661

BID: 65071

IAVA: 2014-A-0016

CISCO-SA: cisco-sa-20140122-cts