Cisco TelePresence Infrastructure Denial of Service Vulnerability

2013-04-1716:00:00

tools.cisco.com

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

55.7%

JSON

Cisco TelePresence multipoint control unit (MCU) and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi”]

Affected configurations

Vulners

Node

ciscotelepresence_server_softwareMatchany

ciscotelepresence_mcu_softwareMatchany

ciscotelepresence_server_softwareMatchany

ciscotelepresence_mcu_softwareMatchany

VendorProductVersionCPE
ciscotelepresence_server_softwareanycpe:2.3:a:cisco:telepresence_server_software:any:*:*:*:*:*:*:*
ciscotelepresence_mcu_softwareanycpe:2.3:a:cisco:telepresence_mcu_software:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_server_software	any	cpe:2.3:a:cisco:telepresence_server_software:any:::::::*
cisco	telepresence_mcu_software	any	cpe:2.3:a:cisco:telepresence_mcu_software:any:::::::*