Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0611


Vulnerability Score 6.5 6.5
CVE Id CVE-2015-0611
Last Modified 18 Feb 2015 10:01:15
Published 11 Feb 2015 08:59:27
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX5000 devices does not properly restrict the device-recovery account's access, which allows remote authenticated users to obtain HelpDesk-equivalent privileges by leveraging device-recovery authentication, aka Bug ID CSCus74174.

Vulnerable Systems

Operating System

  • Cisco Telepresence System Software Ix 8.0.0

  • Cisco Telepresence System Software Ix 8.0.1



CISCO - 20150210 Cisco TelePresence IX5000 Series Web Management Vulnerability

XF - cisco-cve20150611-priv-esc(100806)

SECTRACK - 1031733

BID - 72568

Last Updated: 27 May 2016 11:07:52