Guest

Preview Tool

Cisco Bug: CSCur50347 - Going to upgrade_control.html without being logged in causes MCU to segf

Last Modified

Feb 18, 2016

Products (15)

  • Cisco TelePresence MCU 4500 Series
  • Cisco TelePresence MCU 4520
  • Cisco TelePresence MCU 4505
  • Cisco TelePresence MCU 4510
  • Cisco TelePresence MCU 5320
  • Cisco TelePresence MCU 4205
  • Cisco TelePresence MCU 4215
  • Cisco TelePresence MCU 4220
  • Cisco TelePresence MCU MSE 8420
  • Cisco TelePresence MCU 4203
View all products in Bug Search Tool Login Required

Known Affected Releases

4.5(1.45)

Description (partial)

Symptoms:

A vulnerability in the Cisco TelePresence multipoint control unit (MCU) contains a vulnerability that could allow an unauthenticated, remote
attacker to trigger a reload of an affected system.

The vulnerability is due to insufficient sanitization of TCP packets. An attacker could exploit this vulnerability by sending a sequence of TCP
packets to the affected system.

Conditions:
An affected system with software version 4.5(1.45).
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.