CVE-2013-1176

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-1176
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448.

7.1 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.1\(1.59\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.2\(1.46\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.1\(1.51\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.3\(1.68\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.2\(1.50\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4500_series_software:4.2\(1.43\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:telepresence_mcu_4520:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_mcu_4515:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_mcu_4505:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_mcu_4510:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.1\(1.51\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.3\(1.68\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.2\(1.50\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.2\(1.46\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.2\(1.43\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_4501_series_software:4.1\(1.59\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_mcu_4501:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.3\(1.68\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.2\(1.46\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.1\(1.51\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.1\(1.59\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.2\(1.50\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_mcu_mse_series_software:4.2\(1.43\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_mcu_mse_8510:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:cisco:telepresence_server_software:2.1\(1.33\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:2.1\(1.37\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:2.2\(1.43\):*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:telepresence_server_7010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_server_mse_8710:-:*:*:*:*:*:*:*
Information

Published : 2013-04-18 11:55

Updated : 2013-04-18 21:00

NVD link : CVE-2013-1176

Mitre link : CVE-2013-1176

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

cisco

  • telepresence_server_software
  • telepresence_mcu_4500_series_software
  • telepresence_mcu_4501_series_software
  • telepresence_mcu_4510
  • telepresence_server_7010
  • telepresence_mcu_4520
  • telepresence_mcu_4515
  • telepresence_mcu_mse_8510
  • telepresence_mcu_mse_series_software
  • telepresence_mcu_4501
  • telepresence_mcu_4505
  • telepresence_server_mse_8710