CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
88.6%
Cisco TelePresence Manager contains the following vulnerabilities:
Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability
Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability
Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition,
causing the product to become unresponsive to new connection requests and
potentially leading to termination services and processes.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute
arbitrary code with elevated privileges.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
This advisory is available at the following link:
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_recording_server | any | cpe:2.3:h:cisco:telepresence_recording_server:any:*:*:*:*:*:*:* |
cisco | telepresence_manager | any | cpe:2.3:a:cisco:telepresence_manager:any:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch | any | cpe:2.3:h:cisco:telepresence_multipoint_switch:any:*:*:*:*:*:*:* |