Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 01:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml - Vendor Advisory | |
References | () http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/46523 - | |
References | () http://www.securitytracker.com/id?1025113 - | |
References | () http://www.securitytracker.com/id?1025114 - |
Information
Published : 2011-02-25 12:00
Updated : 2024-11-21 01:23
NVD link : CVE-2011-0388
Mitre link : CVE-2011-0388
CVE.ORG link : CVE-2011-0388
JSON object : View
Products Affected
cisco
- telepresence_multipoint_switch_software
- telepresence_recording_server_software
- telepresence_multipoint_switch
- telepresence_recording_server
CWE
CWE-399
Resource Management Errors