CVE-2011-0388

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Recording Server Software; Telepresence Recording Server
Vendor: CVE Published:; 25 February 2011

Summary

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1025114

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Jan 7, 2011