Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20140430-MXP
HistoryApr 30, 2014 - 4:00 p.m.

Multiple Vulnerabilities in Cisco TelePresence System MXP Series

2014-04-3016:00:00
tools.cisco.com
69

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.974

Percentile

99.9%

JSON

Cisco TelePresence System MXP Series Software contains the following vulnerabilities:

Three SIP denial of service vulnerabilities
Three H.225 denial of service vulnerabilities

Successful exploitation of these vulnerabilities may allow an attacker to cause system instability and the affected system to reload.

Note: This security advisory does not provide information about the OpenSSL TLS Heartbeat Read Overrun Vulnerability identified by CVE-2014-0160 (also known as Heartbleed). For additional information regarding Cisco products affected by the Heartbleed vulnerability, refer to the Cisco Security Advisory available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed”]

Cisco has released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp”]

Affected configurations

Vulners
Node
ciscotelepresence_mxp_softwareMatchany
OR
ciscotelepresence_mxp_softwareMatchany
VendorProductVersionCPE
ciscotelepresence_mxp_softwareanycpe:2.3:a:cisco:telepresence_mxp_software:any:*:*:*:*:*:*:*

Related

nessus 48
cvelist 7
nvd 6
cve 7
securityvulns 28
prion 7
openvas 16
ibm 4
hp 2
osv 1
ics 6
packetstorm 5
thn 3
hackerone 4
seebug 13
openssl 1
zdt 3
symantec 1
exploitpack 3
kitploit 2
intel 1
redhat 4
cloudfoundry 1
debian 3
checkpoint_advisories 1
veracode 1
metasploit 2
cisa_kev 1
mageia 1
arista 1
huawei 1
cert 1
myhack58 1
threatpost 3
cisco 2
debiancve 1
qt 1
centos 1
oraclelinux 1
vulnerlab 1
freebsd 1
atlassian 1
malwarebytes 1
nessus
nessus
Cisco TelePresence MXP Series Software Multiple Vulnerabilities (cisco-sa-20140430-mxp)
2014-05-08 00:00:00
Websense Email Security Heartbeat Information Disclosure (Heartbleed)
2014-04-29 00:00:00
stunnel < 5.01 OpenSSL Heartbeat Information Disclosure (Heartbleed)
2014-04-14 00:00:00
cvelist
cvelist
CVE-2014-2159
2014-05-02 10:00:00
CVE-2014-2158
2014-05-02 10:00:00
CVE-2014-2157
2014-05-02 10:00:00
nvd
nvd
CVE-2014-2158
2014-05-02 10:55:08
CVE-2014-2159
2014-05-02 10:55:08
CVE-2014-2157
2014-05-02 10:55:08
cve
cve
CVE-2014-2158
2014-05-02 10:55:08
CVE-2014-2159
2014-05-02 10:55:08
CVE-2014-2157
2014-05-02 10:55:08
securityvulns
securityvulns
Cisco Telepresence multiple security vulnerabilities
2014-05-02 00:00:00
[security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using HP System Management Homepage &#40;SMH&#41; running OpenSSL, Remote Disclosure of Information
2014-05-02 00:00:00
[security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information
2014-05-02 00:00:00
prion
prion
Code injection
2014-05-02 10:55:00
Design/Logic Flaw
2014-05-02 10:55:00
Design/Logic Flaw
2014-05-02 10:55:00
openvas
openvas
openSUSE: Security Advisory for update (openSUSE-SU-2014:0492-1)
2014-04-10 00:00:00
Western Digital My Cloud Multiple Products < 1.02.08 'Heartbleed' Vulnerability
2020-09-02 00:00:00
OpenSSL Buffer Overflow Vulnerability (20140407, Heartbleed) - Windows
2021-07-19 00:00:00
ibm
ibm
Security Bulletin: TS3310 is affected by a vulnerability in OpenSSL (CVE-2014-0160)
2018-06-18 00:07:46
Security Bulletin: Some versions of IBM Security Access Manager for Web are affected by the Heartbleed vulnerability (CVE-2014-0160)
2018-06-16 21:17:17
Security Bulletin: IBM SDN for Virtual Environments is affected by a vulnerability in OpenSSL (CVE-2014-0160)
2018-06-18 01:24:45
hp
hp
HPSBPI03031 rev.3 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information
2014-04-30 00:00:00
HPSBPI03014 rev.2 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information
2014-04-22 00:00:00
osv
osv
openssl - security update
2014-04-07 00:00:00
ics
ics
OpenSSL Vulnerability
2018-08-27 12:00:00
Certec atvise scada OpenSSL Heartbleed Vulnerability
2018-08-23 12:00:00
Unified Automation OPC SDK OpenSSL Vulnerability
2018-09-06 12:00:00
packetstorm
packetstorm
OpenSSL TLS Heartbeat Extension Memory Disclosure
2014-04-08 00:00:00
OpenSSL Heartbeat (Heartbleed) Information Leak
2014-04-10 00:00:00
Mass Bleed 20140423
2014-04-23 00:00:00
thn
thn
Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug
2017-01-22 23:27:00
How to Protect yourself from the 'Heartbleed' Bug
2014-04-10 07:58:00
How Heartbleed Bug Exposes Your Passwords to Hackers
2014-04-10 07:00:00
hackerone
hackerone
Mail.ru: OpenSSL HeartBleed (CVE-2014-0160)
2014-10-23 15:12:13
Concrete CMS: https://concrete5.org ::: HeartBleed Attack (CVE-2014-0160)
2014-04-08 11:01:31
Mail.ru: scfbp.tng.mail.ru: Heartbleed
2015-02-25 07:49:11
seebug
seebug
Splunk OpenSSL TLS心跳信息泄漏漏洞
2014-04-16 00:00:00
VMware多个产品OpenSSL TLS/DTLS心跳信息泄漏漏洞
2014-04-16 00:00:00
Kerio Control OpenSSL TLS心跳信息泄漏漏洞
2014-04-16 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-0160
2014-04-07 00:00:00
zdt
zdt
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
2014-04-09 00:00:00
Heartbleed User Session Extraction Exploit
2014-04-09 00:00:00
Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support
2014-04-24 00:00:00
symantec
symantec
Symantec Messaging Gateway 10.6.x ACE Library Static Link to Vulnerable SSL Version
2016-05-12 08:00:00
exploitpack
exploitpack
OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure
2014-04-08 00:00:00
OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak (1)
2014-04-10 00:00:00
OpenSSL 1.0.1f TLS Heartbeat Extension - Heartbleed Memory Disclosure (Multiple SSLTLS Versions)
2014-04-09 00:00:00
kitploit
kitploit
Collection of Heartbleed Tools (OpenSSL CVE-2014-0160)
2014-04-10 00:55:00
Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)
2015-10-01 09:47:00
intel
intel
Multiple Intel Software Products and API Services impacted by CVE-2014-0160
2014-04-30 00:00:00
redhat
redhat
(RHSA-2014:0378) Important: rhev-hypervisor6 security update
2014-04-08 00:00:00
(RHSA-2014:0377) Important: openssl security update
2014-04-08 00:00:00
(RHSA-2014:0376) Important: openssl security update
2014-04-08 00:00:00
cloudfoundry
cloudfoundry
CVE-2014-0160 Heartbleed | Cloud Foundry
2014-04-10 00:00:00
debian
debian
[SECURITY] [DSA 2896-1] openssl security update
2014-04-07 21:36:46
[SECURITY] [DSA 2896-2] openssl security update
2014-04-08 13:47:13
[SECURITY] [DSA 2896-2] openssl security update
2014-04-08 13:47:13
checkpoint_advisories
checkpoint_advisories
OpenSSL TLS Heartbeat information disclosure - Ver2 (CVE-2014-0160)
2014-12-28 00:00:00
veracode
veracode
Information Disclosure Through Buffer Over-read
2017-02-07 02:53:18
metasploit
metasploit
OpenSSL Heartbeat (Heartbleed) Information Leak
2014-06-28 21:06:46
OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
2014-04-09 14:38:11
cisa_kev
cisa_kev
OpenSSL Information Disclosure Vulnerability
2022-05-04 00:00:00
mageia
mageia
Updated tor packages fix multiple vulnerabilities
2014-06-06 18:33:56
arista
arista
Security Advisory 0004
2014-04-09 00:00:00
huawei
huawei
Security Advisory-OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products
2014-04-17 00:00:00
cert
cert
OpenSSL TLS heartbeat extension read overflow discloses sensitive information
2014-04-08 00:00:00
myhack58
myhack58
Than imagined more terror! OpenSSL“effort”vulnerability in-depth analysis-vulnerability warning-the black bar safety net
2014-04-10 00:00:00
threatpost
threatpost
Tor Blacklisting Exit Nodes Vulnerable to Heartbleed Bug
2014-04-17 11:40:41
April 2014 Oracle Critical Patch Update
2014-04-16 12:32:06
Oracle Gives Heartbleed Update, Patches 14 Products
2014-04-21 13:55:42
cisco
cisco
OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
2014-04-09 03:00:00
OpenSSL TLS/DTLS Heartbeat Information Disclosure Vulnerability
2014-04-08 14:39:29
debiancve
debiancve
CVE-2014-0160
2014-04-07 22:55:03
qt
qt
Heartbleed Bug (CVE-2014-0160) and Qt
2014-04-10 00:00:00
centos
centos
openssl security update
2014-04-08 02:54:58
oraclelinux
oraclelinux
openssl security update
2014-04-07 00:00:00
vulnerlab
vulnerlab
HeartBleed SSL CVE 20140160 - 10 Steps to Fix in Ubuntu
2014-04-09 00:00:00
freebsd
freebsd
OpenSSL -- Remote Information Disclosure
2014-04-07 00:00:00
atlassian
atlassian
Update Tomcat Native DLL in JIRA Installer
2014-06-26 19:39:26
malwarebytes
malwarebytes
Five years later, Heartbleed vulnerability still unpatched
2019-09-12 15:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.974

Percentile

99.9%

JSON
Related for CISCO-SA-20140430-MXP
nessus48cvelist7nvd6cve7securityvulns28prion7openvas16ibm4hp2osv1ics6packetstorm5thn3hackerone4seebug13openssl1zdt3symantec1exploitpack3kitploit2intel1redhat4cloudfoundry1debian3checkpoint_advisories1veracode1metasploit2cisa_kev1mageia1arista1huawei1cert1myhack581threatpost3cisco2debiancve1qt1centos1oraclelinux1vulnerlab1freebsd1atlassian1malwarebytes1