CVE-2012-0331

Опубликовано: 01 мар. 2012

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.

Комментарий

Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs

'Vulnerable Products These vulnerabilities affect all three variants (Control, Expressway, and Starter Pack Express) of Cisco TelePresence Video Communication Server.'

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*

Версия до x7.0 (включая)

cpe:2.3:a:cisco:telepresence_system_software:x5.2:*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:x6.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:telepresence_system_software:x6.1:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:cisco:telepresence_video_communication_server:*:*:control:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_video_communication_server:*:*:expressway:*:*:*:*:*

cpe:2.3:h:cisco:telepresence_video_communication_server:*:*:starter_pack_express:*:*:*:*:*

EPSS

Процентиль: 64%

0.0046

Низкий

7.5 High

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-mvfx-mm77-jc47

github

почти 4 года назад