Unauthenticated XML-RPC Interface Access in Cisco TelePresence Recording Server Software 1.6.x

Unauthenticated XML-RPC Interface Access in Cisco TelePresence Recording Server Software 1.6.x

CVE-2011-0392 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.

Learn more about our Cis Benchmark Audit For Server Software.