CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
88.6%
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_multipoint_switch_software | * | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:*:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.0.4.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.0.4.0(21) | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0\(21\):*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.0(254) | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0\(254\):*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.1 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.1(30) | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1\(30\):*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.2 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.2(6) | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2\(6\):*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.5.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:* |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman