Vulnerability CVE-2012-3073
Published: 2012-07-12

Description:
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Telepresence manager 
Cisco -> Telepresence multipoint switch software 
Cisco -> Telepresence recording server 
Cisco -> Telepresence system software 
Cisco -> Telepresence multipoint switch 
Cisco -> Telepresence system 1300 65 
Cisco -> Telepresence system 3000 
Cisco -> Telepresence system 3010 
Cisco -> Telepresence system 3200 
Cisco -> Telepresence system 3210 
Cisco -> Telepresence system t3 
Cisco -> Telepresence system tx1300 47 
Cisco -> Telepresence system tx1310 65 
Cisco -> Telepresence system tx9000 
Cisco -> Telepresence system tx9200 

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman
Copyright 2024, cxsecurity.com

 

Back to Top