{"containers": {"cna": {"affected": [{"product": "Cisco TelePresence TC Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-01-22T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-23T00:25:21", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ"}], "source": {"advisory": "cisco-sa-telepresence-path-tr-wdrnYEZZ", "defect": [["CSCvs45241", "CSCvs67675", "CSCvs67680"]], "discovery": "INTERNAL"}, "title": "Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-01-22T16:00:00", "ID": "CVE-2020-3143", "STATE": "PUBLIC", "TITLE": "Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco TelePresence TC Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.8", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22"}]}]}, "references": {"reference_data": [{"name": "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ"}]}, "source": {"advisory": "cisco-sa-telepresence-path-tr-wdrnYEZZ", "defect": [["CSCvs45241", "CSCvs67675", "CSCvs67680"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:24:00.620Z"}, "title": "CVE Program Container", "references": [{"name": "20200122 Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3143", "datePublished": "2020-09-23T00:25:21.647542Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-09-17T00:26:30.480Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ex60:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DCB5C6D-7E0A-4C3C-953A-DE9176060335", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ex60_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25AE211E-E216-456C-A418-54A9F1D4A528", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ex90:-:*:*:*:*:*:*:*", "matchCriteriaId": "92DC52BD-9704-4406-9F8B-44049A18BC8C", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ex90_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "50D1F2D2-17F2-4A96-AF6B-DFFE5FDF6E9A", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx10:-:*:*:*:*:*:*:*", "matchCriteriaId": "318D0E10-B389-45A7-8B53-F515C0E8CA31", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx10_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "46CAB451-2370-4FDA-981A-2402BCA610DF", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx20:-:*:*:*:*:*:*:*", "matchCriteriaId": "18EB7279-FB2E-433D-A6DA-5E5E94725C27", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx20_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EFB48F0-3B5A-4DD2-BB68-38BA42043DA8", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:sx80:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD91FCB6-AF82-4425-BBBC-7CDD8CBF7978", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sx80_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B803447B-B889-41DE-8254-BBEF0D664FC0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c40:-:*:*:*:*:*:*:*", "matchCriteriaId": "B87CEA3A-2CF3-48DF-935F-31553CAC1ED8", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c40_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1AF8E71F-0EDA-473A-A673-E29CAC50C256", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c60:-:*:*:*:*:*:*:*", "matchCriteriaId": "0754B77C-E888-461E-AA1E-74B78DA59B78", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c60_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7549095E-BC00-449F-98AD-2FDF61506AB0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_codec_c90:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BFF6AA3-4850-40A3-8211-82F60F14ACD3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_codec_c90_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "53020625-037E-46A9-B970-C30802BDC111", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70567CFE-DEBD-4285-BB11-6EDC94126949", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx200:-:*:*:*:*:*:*:*", "matchCriteriaId": "392D3BBE-8C2D-4643-95DB-79CF5CEDBC6A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx300_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC55F6C2-D7FA-4BCA-961E-4994F577D151", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx300:-:*:*:*:*:*:*:*", "matchCriteriaId": "63ED55F5-C88A-463D-9D5D-347D8C85AC43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx700_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7F13426-3904-4A07-B1B9-1464F5E083DC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx700:-:*:*:*:*:*:*:*", "matchCriteriaId": "89C485F0-17FF-4785-ABF1-BC6CB38196E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_mx800_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF15695E-752D-4C94-9A77-0BB56F10CA1F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_mx800:-:*:*:*:*:*:*:*", "matchCriteriaId": "16DE9D91-7C80-4BDB-B4B4-FACD56957999", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "61A0EF95-7CC5-4EE2-A5D8-803195F63F49", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6554B9F-CD89-49B4-B55A-510B1C881C4F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68546316-D08D-4E0B-BDDE-BF6320B730EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D0EC6FF-44F6-4033-BDAF-A396C2635D3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "85FDA9FB-BB79-4A60-B825-D68B3719BFE3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*", "matchCriteriaId": "A85B502B-2F55-4CA5-9AAA-0CD5BBA45EB7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5565DF04-82F3-40C7-8E82-44A0DA72398B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*", "matchCriteriaId": "15073B83-81ED-4E98-8521-1320F8120C3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CA125CA-2BF9-4F22-8F8B-DC2E09A19E51", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*", "matchCriteriaId": "31842684-B05D-4E17-9229-EC6993E78612", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "69224767-0E2B-4A85-A7F1-77C6B41668DE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EEB693F-64A4-46CC-B7AB-8BC0AA84F9E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "53BE3D06-730E-44E2-B3B0-ED29AB5D1BF1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*", "matchCriteriaId": "C17B385C-68D5-4FF5-AE40-6EDA46E3ACB7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "90095155-ABC0-43C9-896A-55A797EC2055", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A983D4D-9E04-45CE-BE3C-9FCD0018837F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA1BD59F-078D-45D2-AC39-C479A4C6E7CA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD45F341-FAD8-4B10-B28C-8697E51C6B61", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the xAPI of the affected software. An attacker could exploit this vulnerability by sending a crafted request to the xAPI. A successful exploit could allow the attacker to read and write arbitrary files in the system. To exploit this vulnerability, an attacker would need either an In-Room Control or administrator account."}, {"lang": "es", "value": "Una vulnerabilidad en la API del endpoint de video (xAPI) de Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, y Cisco RoomOS Software, podr\u00eda permitir a un atacante remoto autenticado conducir ataques de salto de directorio en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario para la xAPI del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n dise\u00f1ada hacia la xAPI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer y escribir archivos arbitrarios en el sistema. Para explotar esta vulnerabilidad, un atacante podr\u00eda necesitar un In-Room Control o una cuenta de administrador"}], "id": "CVE-2020-3143", "lastModified": "2020-10-05T14:43:03.897", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-23T01:15:15.410", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-telepresence-path-tr-wdrnYEZZ"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}