This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2013-06-21
Product Telepresence Tc Software Last view 2017-06-08
Version 5.1.13 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:cisco:telepresence_tc_software

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2017-06-08 CVE-2017-6648

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.

7.8 2013-06-21 CVE-2013-3378

Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-20 Improper Input Validation

Information Assurance Vulnerability Management (IAVM)

id Description
2013-A-0126 Multiple Vulnerabilities in Cisco TelePresence Products
Severity: Category I - VMSKEY: V0039135

Snort® IPS/IDS

Date Description
2014-01-10 INVITE flood attempt
RuleID : 20396 - Type : PROTOCOL-VOIP - Revision : 8

Nessus® Vulnerability Scanner

id Description
2017-06-16 Name: A video conferencing application running on the remote host is affected by a ...
File: cisco-sa-20170607-tele.nasl - Type: ACT_GATHER_INFO
2013-07-24 Name: The remote device is affected by a denial of service vulnerability.
File: cisco_telepresence_mcu_cve_2013_3378.nasl - Type: ACT_GATHER_INFO