Vulnerability in Cisco Telepresence_system_1000

CVE-2011-0377

Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an inva…

EPSS: 0.006 (69.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Telepresence_system_1000
Cisco Telepresence_system_1100
Cisco Telepresence_system_1300_series
Cisco Telepresence_system_3000
Cisco Telepresence_system_3200_series
Cisco Telepresence_system_500_series
Cisco Telepresence_system_software — versions 1.2.3, 1.3.2, 1.4.7
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

cisco-endpoint-ipaddress-dos(65616) (vdb-entry, x_refsource_XF)
1025112 (vdb-entry, x_refsource_SECTRACK)
20110223 Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices (x_refsource_CISCO, vendor-advisory, Vendor Advisory)