Skip to main content

Telepresence Video Communication Server CVE-2024-20492

MEDIUM
Command Injection (CWE-77)
2024-10-02 psirt@cisco.com
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 02, 2024 - 17:15 nvd
MEDIUM 6.7

DescriptionNVD

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device. Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices.

AnalysisAI

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Command Injection (CWE-77), which allows attackers to inject arbitrary commands into system command execution. A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level credentials with read-write privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a series of crafted CLI commands. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of the affected device. Note: Cisco Expressway Series refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. Affected products include: Cisco Telepresence Video Communication Server.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized APIs, avoid shell execution, validate input with strict allowlists.

CVE-2016-1468 HIGH
8.8 Aug 08

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authen

CVE-2017-3790 HIGH
8.6 Feb 01

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Serv

CVE-2019-1845 HIGH
8.6 Jun 05

A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM

CVE-2012-0330 HIGH
7.8 Mar 01

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of s

CVE-2023-20192 HIGH
7.7 Jun 28

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow

CVE-2016-1400 HIGH
7.5 May 25

Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of ser

CVE-2012-0331 HIGH
7.5 Mar 01

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of s

CVE-2020-3596 HIGH
7.5 Oct 08

A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communi

CVE-2018-0409 HIGH
7.5 Aug 15

A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P)

CVE-2018-0358 HIGH
7.5 Jun 21

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could

CVE-2023-20209 HIGH
7.2 Aug 16

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communicat

CVE-2022-20755 HIGH
7.2 Apr 06

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresenc

Share

CVE-2024-20492 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy