Denial of Service in Cisco TelePresence Endpoint Devices
CVE-2011-0377

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence System Software; Telepresence System 1000; Telepresence System 1100
Vendor: CVE Published:; 25 February 2011

What is CVE-2011-0377?

Cisco TelePresence endpoint devices running software versions 1.2.x through 1.6.x are susceptible to denial of service attacks. This vulnerability allows remote attackers to exploit malformed SOAP requests when combined with a spoofed TelePresence Manager providing an invalid IP address. The attack can lead to a service crash, interrupting the operation of the affected devices.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65616

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1025112

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011