Denial of Service Vulnerability in Cisco TelePresence Endpoints and Codecs
CVE-2011-2577

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Codec C40; Telepresence Codec C60; Telepresence Codec C90; Telepresence Ex60
Vendor: CVE Published:; 31 August 2011

Summary

A vulnerability exists in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs that permits remote attackers to exploit crafted SIP packets sent to port 5060 or 5061, potentially leading to a denial of service through system crashes. Systems running software versions prior to TC 4.0.0 for C Series and E/EX units, or F9.1 for MXP codecs are particularly susceptible to this issue.

References

http://www.securitytracker.com/id?1025994

vdb-entryx_refsource_SECTRACK

http://securityreason.com/securityalert/8389

third-party-advisoryx_refsource_SREASON

http://securityreason.com/securityalert/8387

third-party-advisoryx_refsource_SREASON

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 31, 2011
Vulnerability Reserved
Jun 27, 2011