CVE-2011-0377

Description

Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.

Affected products

• Cisco / telepresence_system_1000
• Cisco / telepresence_system_1100
• Cisco / telepresence_system_1300_series
• Cisco / telepresence_system_3000
• Cisco / telepresence_system_3200_series
• Cisco / telepresence_system_500_series
• Cisco / telepresence_system_software1.5.11 – 1.5.11
• Cisco / telepresence_system_software1.5.12 – 1.5.12
• Cisco / telepresence_system_software1.5.13 – 1.5.13
• Cisco / telepresence_system_software1.6.0 – 1.6.0
• Cisco / telepresence_system_software1.6.2 – 1.6.2
• Cisco / telepresence_system_software1.2.3 – 1.2.3
• Cisco / telepresence_system_software1.6.4 – 1.6.4
• Cisco / telepresence_system_software1.6.5 – 1.6.5
• Cisco / telepresence_system_software1.6.6 – 1.6.6
• Cisco / telepresence_system_software1.6.7 – 1.6.7
• Cisco / telepresence_system_software1.6.8 – 1.6.8
• Cisco / telepresence_system_software1.6.3 – 1.6.3
• Cisco / telepresence_system_software1.3.2 – 1.3.2
• Cisco / telepresence_system_software1.4.7 – 1.4.7
• Cisco / telepresence_system_software1.5.1 – 1.5.1
• Cisco / telepresence_system_software1.5.3 – 1.5.3
• Cisco / telepresence_system_software1.5.10 – 1.5.10

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/65616
• MISChttp://www.securitytracker.com/id?1025112
• VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtml