1. Home
  2. CVE Database
  3. CVE-2011-0388
HIGH · 7.8

CVE-2011-0388

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote acc...

Vulnerability Description

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoTelepresence Recording Server Software1.6.1
CiscoTelepresence Recording ServerAll versions
CiscoTelepresence Multipoint Switch Software1.0.4.0
CiscoTelepresence Multipoint SwitchAll versions

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2011-0388?

CVE-2011-0388 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote acc...

How severe is CVE-2011-0388?

CVE-2011-0388 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0388?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Recording Server Software, Cisco Telepresence Recording Server, Cisco Telepresence Multipoint Switch Software, Cisco Telepresence Multipoint Switch.