Cisco TelePresence Infrastructure Denial of Service Vulnerability

2013-04-1716:00:00

tools.cisco.com

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

50.5%

JSON

Cisco TelePresence multipoint control unit (MCU) and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi”]

Affected configurations

Vulners

Node

ciscotelepresence_server_softwareMatchany

ciscotelepresence_mcu_softwareMatchany

ciscotelepresence_server_softwareMatchany

ciscotelepresence_mcu_softwareMatchany

CPENameOperatorVersion
cisco telepresence server softwareeqany
cisco telepresence mcu softwareeqany
cisco telepresence server softwareeqany
cisco telepresence mcu softwareeqany

Name	Operator	Version
cisco telepresence server software	eq	any
cisco telepresence mcu software	eq	any
cisco telepresence server software	eq	any
cisco telepresence mcu software	eq	any