Improper input validation in Cisco Telepresence_mcu_4500_series_software
CVE-2013-1176
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attacker…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.004 (61.0th percentile) — read the EPSS interpretation.
Affected products
- Cisco Telepresence_mcu_4500_series_software — versions 4.1\(1.51\), 4.1\(1.59\), 4.2\(1.43\)
- Cisco Telepresence_mcu_4501
- Cisco Telepresence_mcu_4501_series_software — versions 4.1\(1.51\), 4.1\(1.59\), 4.2\(1.43\)
- Cisco Telepresence_mcu_4505
- Cisco Telepresence_mcu_4510
- Cisco Telepresence_mcu_4515
- Cisco Telepresence_mcu_4520
- Cisco Telepresence_mcu_mse_8510
- Cisco Telepresence_mcu_mse_series_software — versions 4.1\(1.51\), 4.1\(1.59\), 4.2\(1.43\)
- Cisco Telepresence_server_7010
Weakness classification (CWE)
References
- 20130417 Cisco TelePresence Infrastructure Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory)