CVE-2012-0331

2012-03-0101:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cisco

telepresence

video communication

server

x7.0.1

denial of service

sip

crafted sip packet

cve-2012-0331

nvd

6.8 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.2%

JSON

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.

CPENameOperatorVersion
cisco:telepresence_system_softwarecisco telepresence system softwarelex7.0
cisco:telepresence_system_softwarecisco telepresence system softwareeqx5.2
cisco:telepresence_system_softwarecisco telepresence system softwareeqx6.0
cisco:telepresence_system_softwarecisco telepresence system softwareeqx6.1
cisco:telepresence_video_communication_servercisco telepresence video communication servereq*

CPE	Name	Operator	Version
cisco:telepresence_system_software	cisco telepresence system software	le	x7.0
cisco:telepresence_system_software	cisco telepresence system software	eq	x5.2
cisco:telepresence_system_software	cisco telepresence system software	eq	x6.0
cisco:telepresence_system_software	cisco telepresence system software	eq	x6.1
cisco:telepresence_video_communication_server	cisco telepresence video communication server	eq	*