CVE-2013-3377

Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:cisco:telepresence_tc_software::::::::
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:::::::*

OR	cpe:2.3:h:cisco:telepresence_codec_c90:-:::::::*
	cpe:2.3:h:cisco:telepresence_profile_65:-:::::::*
	cpe:2.3:h:cisco:telepresence_profile_55:-:::::::*
	cpe:2.3:h:cisco:telepresence_quick_set_sx20:-:::::::*
	cpe:2.3:h:cisco:telepresence_mx200:-:::::::*
	cpe:2.3:h:cisco:telepresence_ex90:-:::::::*
	cpe:2.3:h:cisco:telepresence_codec_c40:-:::::::*
	cpe:2.3:h:cisco:telepresence_quick_set_c20:-:::::::*
	cpe:2.3:h:cisco:telepresence_codec_c60:-:::::::*
	cpe:2.3:h:cisco:telepresence_mx300:-:::::::*
	cpe:2.3:h:cisco:telepresence_ex60:-:::::::*
	cpe:2.3:h:cisco:ip_video_phone_e20:-:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:cisco:telepresence_te_software:4.1.1:::::::*
	cpe:2.3:a:cisco:telepresence_te_software:4.1.0:::::::*
	cpe:2.3:a:cisco:telepresence_te_software::::::::

OR	cpe:2.3:h:cisco:telepresence_mx300:-:::::::*
	cpe:2.3:h:cisco:telepresence_ex60:-:::::::*
	cpe:2.3:h:cisco:telepresence_codec_c40:-:::::::*
	cpe:2.3:h:cisco:telepresence_codec_c90:-:::::::*
	cpe:2.3:h:cisco:ip_video_phone_e20:-:::::::*
	cpe:2.3:h:cisco:telepresence_ex90:-:::::::*
	cpe:2.3:h:cisco:telepresence_codec_c60:-:::::::*
	cpe:2.3:h:cisco:telepresence_profile_65:-:::::::*
	cpe:2.3:h:cisco:telepresence_quick_set_sx20:-:::::::*
	cpe:2.3:h:cisco:telepresence_mx200:-:::::::*
	cpe:2.3:h:cisco:telepresence_profile_55:-:::::::*
	cpe:2.3:h:cisco:telepresence_quick_set_c20:-:::::::*

Information

Published : 2013-06-21 06:57

Updated : 2013-06-21 10:29

NVD link : CVE-2013-3377

Mitre link : CVE-2013-3377

JSON object : View

CWE

CWE-399

Resource Management Errors

Products Affected

cisco

telepresence_codec_c40
telepresence_codec_c60
ip_video_phone_e20
telepresence_tc_software
telepresence_mx300
telepresence_quick_set_sx20
telepresence_profile_65
telepresence_te_software
telepresence_mx200
telepresence_profile_55
telepresence_ex90
telepresence_ex60
telepresence_codec_c90
telepresence_quick_set_c20

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc", "name": "20130619 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", "tags": [], "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-399"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-3377", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-06-21T13:57Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.1.6"}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_tc_software:5.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c90:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_profile_65:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_profile_55:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_quick_set_sx20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mx200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_ex90:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_quick_set_c20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c60:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mx300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_ex60:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:ip_video_phone_e20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:telepresence_te_software:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.1.2"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mx300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_ex60:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c90:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:ip_video_phone_e20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_ex90:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_codec_c60:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_profile_65:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_quick_set_sx20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mx200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_profile_55:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:telepresence_quick_set_c20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-06-21T17:29Z"}

7.8 /10