VIR Vulnerability Intelligence Relay

CVE-2014-2174

high
Published 2015-05-25 · Modified 2026-05-06
CVSS v3
CVSS v2
8.3
VIR risk
8.3

Description

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc

Application impact
VendorProductVersionsFixed
ciscotelepresence_tc_software3.1.5
ciscotelepresence_tc_software3.1_base
ciscotelepresence_tc_software4.1.0
ciscotelepresence_tc_software4.1.1
ciscotelepresence_tc_software4.1.2
ciscotelepresence_tc_software4.1_base
ciscotelepresence_tc_software4.2.0
ciscotelepresence_tc_software4.2.1
ciscotelepresence_tc_software4.2.2
ciscotelepresence_tc_software4.2.3
ciscotelepresence_tc_software4.2.4
ciscotelepresence_tc_software4.2_base
ciscotelepresence_tc_software5.0.2
ciscotelepresence_tc_software5.0.2-cucm
ciscotelepresence_tc_software5.0_base
ciscotelepresence_tc_software5.1.3
ciscotelepresence_tc_software5.1.3-cucm
ciscotelepresence_tc_software5.1.4
ciscotelepresence_tc_software5.1.4-cucm
ciscotelepresence_tc_software5.1.5
ciscotelepresence_tc_software5.1.5-cucm
ciscotelepresence_tc_software5.1.6
ciscotelepresence_tc_software5.1.6-cucm
ciscotelepresence_tc_software5.1.7
ciscotelepresence_tc_software5.1.7-cucm
ciscotelepresence_tc_software5.1_base
ciscotelepresence_tc_software6.0.0
ciscotelepresence_tc_software6.0.0-cucm
ciscotelepresence_tc_software6.0.1
ciscotelepresence_tc_software6.0.1-cucm
ciscotelepresence_tc_software6.0.2
ciscotelepresence_tc_software6.0_base
ciscotelepresence_tc_software6.1.0
ciscotelepresence_tc_software6.1.0-cucm
ciscotelepresence_tc_software6.1.1
ciscotelepresence_tc_software6.1.1-cucm
ciscotelepresence_tc_software6.1.2
ciscotelepresence_tc_software6.1.2-cucm
ciscotelepresence_tc_software6.1_base
ciscotelepresence_tc_software6.3.0
ciscotelepresence_te_software6.0.0
ciscotelepresence_te_software6.0.1
ciscotelepresence_te_software6.0.2
ciscotelepresence_te_software6.0_base

References

CWEs

CWE-284

Verify integrity in audit chain (admin only). AS-IS.