Vulnerabilities > CVE-2012-3073 - Unspecified vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.
Vulnerable Configurations
Nessus
NASL family | CISCO |
NASL id | CISCO-SA-20120711-CTMS.NASL |
description | According to its self-reported version, the version of Cisco TelePresence Multipoint Switch Server installed on the remote host is potentially affected by multiple vulnerabilities : - By sending specially crafted IP packets at a high rate, it may be possible to crash some of the services running on the host. (CVE-2012-3073) - The Cisco Discovery Protocol (CDP) implementation on the remote host is affected by a vulnerability that could allow a remote, unauthenticated, adjacent attacker with data link layer access the ability to execute arbitrary code by sending specially crafted CDP packets. (CVE-2012-2486) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 70024 |
published | 2013-09-20 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/70024 |
title | Cisco TelePresence Multipoint Switch Multiple Vulnerabilities (cisco-sa-20120711-ctms) |
code |
|