CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
Low
EPSS
Percentile
81.4%
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_recording_server_software | 1.6.1 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.1:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.2 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.2:*:*:*:*:*:*:* |
cisco | telepresence_recording_server_software | 1.6.3 | cpe:2.3:a:cisco:telepresence_recording_server_software:1.6.3:*:*:*:*:*:*:* |
cisco | telepresence_recording_server | * | cpe:2.3:h:cisco:telepresence_recording_server:*:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.0.4.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.0.4.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.1 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.1:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.1.2 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.1.2:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.5.0 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.0:*:*:*:*:*:*:* |
cisco | telepresence_multipoint_switch_software | 1.5.1 | cpe:2.3:a:cisco:telepresence_multipoint_switch_software:1.5.1:*:*:*:*:*:*:* |