Vulnerabilities > CVE-2011-0377 - Resource Management Errors vulnerability in Cisco products

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2011-02-25

Updated: 2017-08-17

Summary

Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Telepresence System Software 1.2.3 Cisco Telepresence System Software 1.3.2 Cisco Telepresence System Software 1.4.7 Cisco Telepresence System Software 1.5.1 Cisco Telepresence System Software 1.5.3 Cisco Telepresence System Software 1.5.10 Cisco Telepresence System Software 1.5.11 Cisco Telepresence System Software 1.5.12 Cisco Telepresence System Software 1.5.13 Cisco Telepresence System Software 1.6.0 Cisco Telepresence System Software 1.6.2 Cisco Telepresence System Software 1.6.3 Cisco Telepresence System Software 1.6.4 Cisco Telepresence System Software 1.6.5 Cisco Telepresence System Software 1.6.6 Cisco Telepresence System Software 1.6.7 Cisco Telepresence System Software 1.6.8	17
Hardware	Cisco Cisco Telepresence System 1000 * Cisco Telepresence System 1100 * Cisco Telepresence System 3000 * Cisco Telepresence System 1300 Series * Cisco Telepresence System 3200 Series * Cisco Telepresence System 500 Series *	6

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References