CVE-2011-0388

2011-02-2512:00:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2011-0388

cisco

telepresence

recording server

multipoint switch

rce

csctg35830

csctg35825

denial of service

nvd

6.8 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.008 Low

EPSS

Percentile

81.3%

JSON

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

CPENameOperatorVersion
cisco:telepresence_recording_server_softwarecisco telepresence recording server softwareeq1.6.1
cisco:telepresence_recording_server_softwarecisco telepresence recording server softwareeq1.6.2
cisco:telepresence_recording_server_softwarecisco telepresence recording server softwareeq1.6.3
cisco:telepresence_recording_servercisco telepresence recording servereq*
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.0.4.0
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.1.0
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.1.1
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.1.2
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.5.0
cisco:telepresence_multipoint_switch_softwarecisco telepresence multipoint switch softwareeq1.5.1

CPE	Name	Operator	Version
cisco:telepresence_recording_server_software	cisco telepresence recording server software	eq	1.6.1
cisco:telepresence_recording_server_software	cisco telepresence recording server software	eq	1.6.2
cisco:telepresence_recording_server_software	cisco telepresence recording server software	eq	1.6.3
cisco:telepresence_recording_server	cisco telepresence recording server	eq	*
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.0.4.0
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.1.0
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.1.1
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.1.2
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.5.0
cisco:telepresence_multipoint_switch_software	cisco telepresence multipoint switch software	eq	1.5.1