Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2013-06-21 |
| Product | Telepresence Tc Software | Last view | 2017-06-08 |
| Version | 5.1.13 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:cisco:telepresence_tc_software | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2017-06-08 | CVE-2017-6648 | A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002. |
| 7.8 | 2013-06-21 | CVE-2013-3378 | Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-20 | Improper Input Validation |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0126 | Multiple Vulnerabilities in Cisco TelePresence Products Severity: Category I - VMSKEY: V0039135 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | INVITE flood attempt RuleID : 20396 - Type : PROTOCOL-VOIP - Revision : 8 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-06-16 | Name: A video conferencing application running on the remote host is affected by a ... File: cisco-sa-20170607-tele.nasl - Type: ACT_GATHER_INFO |
| 2013-07-24 | Name: The remote device is affected by a denial of service vulnerability. File: cisco_telepresence_mcu_cve_2013_3378.nasl - Type: ACT_GATHER_INFO |
