Denial of Service in Cisco TelePresence Endpoint Devices
CVE-2011-0377

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence System Software; Telepresence System 1000; Telepresence System 1100
Vendor: CVE Published:; 25 February 2011

Summary

Cisco TelePresence endpoint devices running software versions 1.2.x through 1.6.x are susceptible to denial of service attacks. This vulnerability allows remote attackers to exploit malformed SOAP requests when combined with a spoofed TelePresence Manager providing an invalid IP address. The attack can lead to a service crash, interrupting the operation of the affected devices.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65616

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1025112

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011