CVE-2019-15962
Summary
| CVE | CVE-2019-15962 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-10-16 19:15:00 UTC |
| Updated | 2019-10-22 13:14:00 UTC |
| Description | A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. The vulnerability is due to improper permission assignment. An attacker could exploit this vulnerability by logging in as the remotesupport user and writing files to the /root directory of an affected device. |
Risk And Classification
Problem Types: CWE-276
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Telepresence Collaboration Endpoint | 7.3.18 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 8.3.7 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.6.4 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.7.2 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.8.0 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 7.3.18 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 8.3.7 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.6.4 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.7.2 | All | All | All |
| Application | Cisco | Telepresence Collaboration Endpoint | 9.8.0 | All | All | All |
| Hardware | Cisco | Webex Board 55 | - | All | All | All |
| Hardware | Cisco | Webex Board 55 | - | All | All | All |
| Hardware | Cisco | Webex Board 55s | - | All | All | All |
| Hardware | Cisco | Webex Board 55s | - | All | All | All |
| Hardware | Cisco | Webex Board 70 | - | All | All | All |
| Hardware | Cisco | Webex Board 70 | - | All | All | All |
| Hardware | Cisco | Webex Board 70s | - | All | All | All |
| Hardware | Cisco | Webex Board 70s | - | All | All | All |
| Hardware | Cisco | Webex Board 85s | - | All | All | All |
| Hardware | Cisco | Webex Board 85s | - | All | All | All |
| Hardware | Cisco | Webex Room 55 | - | All | All | All |
| Hardware | Cisco | Webex Room 55 | - | All | All | All |
| Hardware | Cisco | Webex Room 55 Dual | - | All | All | All |
| Hardware | Cisco | Webex Room 55 Dual | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Dual | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Dual | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Dual G2 | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Dual G2 | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Single | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Single | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Single G2 | - | All | All | All |
| Hardware | Cisco | Webex Room 70 Single G2 | - | All | All | All |
| Hardware | Cisco | Webex Room Kit | - | All | All | All |
| Hardware | Cisco | Webex Room Kit | - | All | All | All |
| Hardware | Cisco | Webex Room Kit Mini | - | All | All | All |
| Hardware | Cisco | Webex Room Kit Mini | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco TelePresence Collaboration Endpoint Software Arbitrary File Write Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.