Guest

Preview Tool

Cisco Bug: CSCua86589 - Cisco TP TC Software SIP Denial of Service Vulnerability

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Telepresence Integrator C Series

Known Affected Releases

5.1.0

Description (partial)

Symptoms:
Cisco TelePresence TC and TE Software are affected by the following vulnerabilities:

    Six Session Initiation Protocol (SIP) denial of service vulnerabilities
    Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability
    Cisco TelePresence TC and TE Software Input Validation Vulnerability
    Cisco TelePresence TC and TE Software tshell Command Injection Vulnerability
    Cisco TelePresence TC and TE Software Heap Overflow Vulnerability
    Cisco TelePresence TC and TE Software U-Boot Buffer Overflow Vulnerability
    Cisco TelePresence TC and TE Software Unauthenticated Serial Port Access Vulnerability
    Cisco TelePresence TC H.225 Denial of Service Vulnerability

Successful exploitation of these vulnerabilities could allow an attacker to cause the affected system to reload, execute arbitrary commands or
obtain privileged access to the affected system.

Note: This security advisory does not provide information about the OpenSSL TLS Heartbeat Read Overrun Vulnerability identified by CVE-2014-0160
(also known as Heartbleed).  For additional information on Cisco products affected by the Heartbleed vulnerability, refer to the Cisco Security
Advisory available at the following link:  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed


Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte

Conditions:
See published Cisco Security Advisory
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.