Vulnerability Description
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Codec C40 | All versions |
| Cisco | Telepresence Codec C60 | All versions |
| Cisco | Telepresence Codec C90 | All versions |
| Cisco | Telepresence Ex60 | All versions |
| Cisco | Telepresence Ex90 | All versions |
| Cisco | Telepresence C Series Software | <= tc3.1.4 |
| Cisco | Telepresence 6000 Mxp | All versions |
| Cisco | Telepresence 9000 Mxp | All versions |
| Cisco | Telepresence Mxp Software | f8.2 |
| Cisco | Telepresence E20 | All versions |
| Cisco | Telepresence E20 Software | te2.2.1 |
References
- http://securityreason.com/securityalert/8387
- http://securityreason.com/securityalert/8389
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b91395.sVendor Advisory
- http://www.exploit-db.com/exploits/17871Exploit
- http://www.securityfocus.com/archive/1/519698/100/0/threaded
- http://www.securityfocus.com/bid/49392
- http://www.securitytracker.com/id?1025994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69513
- http://securityreason.com/securityalert/8387
- http://securityreason.com/securityalert/8389
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b91395.sVendor Advisory
- http://www.exploit-db.com/exploits/17871Exploit
- http://www.securityfocus.com/archive/1/519698/100/0/threaded
- http://www.securityfocus.com/bid/49392
- http://www.securitytracker.com/id?1025994
FAQ
What is CVE-2011-2577?
CVE-2011-2577 is a vulnerability with a CVSS score of 7.8 (HIGH). Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to c...
How severe is CVE-2011-2577?
CVE-2011-2577 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2577?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Codec C40, Cisco Telepresence Codec C60, Cisco Telepresence Codec C90, Cisco Telepresence Ex60, Cisco Telepresence Ex90.