Vulnerability Description
Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Tc Software | <= 5.1.6 |
| Cisco | Ip Video Phone E20 | - |
| Cisco | Telepresence Codec C40 | - |
| Cisco | Telepresence Codec C60 | - |
| Cisco | Telepresence Codec C90 | - |
| Cisco | Telepresence Ex60 | - |
| Cisco | Telepresence Ex90 | - |
| Cisco | Telepresence Mx200 | - |
| Cisco | Telepresence Mx300 | - |
| Cisco | Telepresence Profile 55 | - |
| Cisco | Telepresence Profile 65 | - |
| Cisco | Telepresence Quick Set C20 | - |
| Cisco | Telepresence Quick Set Sx20 | - |
| Cisco | Telepresence Te Software | <= 4.1.2 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20
FAQ
What is CVE-2013-3377?
CVE-2013-3377 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.
How severe is CVE-2013-3377?
CVE-2013-3377 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3377?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Tc Software, Cisco Ip Video Phone E20, Cisco Telepresence Codec C40, Cisco Telepresence Codec C60, Cisco Telepresence Codec C90.