Vulnslist

find the latest Cisco vulnerabilities

Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities

cisco-sa-20120229-vcs · High · Published · Updated

Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address these vulnerabilities.  There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds available that mitigate these vulnerabilities.

Additional
mitigations that can be deployed on Cisco devices within the network are
available in the Cisco Applied Intelligence companion document for this
advisory: http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120229-vcs["http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120229-vcs"].

In order to improve the security posture of their installations, users are recommended to consult the Cisco TelePresence Hardening Guide, which is available at: http://www.cisco.com/web/about/security/intelligence/TP_Harden_Guide_wp.html.["http://www.cisco.com/web/about/security/intelligence/TP_Harden_Guide_wp.html"]

CVEsCVE-2012-0330, CVE-2012-0331
Cisco Bug IDsCSCtq73319, CSCtr20426
CVSS ScoreBase 7.8
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
Product Names From Source
Cisco TelePresence Video Communication Server (VCS)

Related Products

Product CVE Evidence
Cisco TelePresence Video Communication Server (VCS) CVE-2012-0331 Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS) CVE-2012-0330 Cisco OpenVuln
Cisco TelePresence CVE-2012-0331 Cisco OpenVuln
Cisco TelePresence CVE-2012-0330 Cisco OpenVuln