CVE-2013-1176

EUVD-2013-1216
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
ciscotelepresence_mcu_4500_series_software
𝑥
≤ 4.3\(2.18\)
ciscotelepresence_mcu_4500_series_software
4.1\(1.51\)
ciscotelepresence_mcu_4500_series_software
4.1\(1.59\)
ciscotelepresence_mcu_4500_series_software
4.2\(1.43\)
ciscotelepresence_mcu_4500_series_software
4.2\(1.46\)
ciscotelepresence_mcu_4500_series_software
4.2\(1.50\)
ciscotelepresence_mcu_4500_series_software
4.3\(1.68\)
ciscotelepresence_mcu_4505
-
ciscotelepresence_mcu_4510
-
ciscotelepresence_mcu_4515
-
ciscotelepresence_mcu_4520
-
ciscotelepresence_mcu_4501_series_software
𝑥
≤ 4.3\(2.18\)
ciscotelepresence_mcu_4501_series_software
4.1\(1.51\)
ciscotelepresence_mcu_4501_series_software
4.1\(1.59\)
ciscotelepresence_mcu_4501_series_software
4.2\(1.43\)
ciscotelepresence_mcu_4501_series_software
4.2\(1.46\)
ciscotelepresence_mcu_4501_series_software
4.2\(1.50\)
ciscotelepresence_mcu_4501_series_software
4.3\(1.68\)
ciscotelepresence_mcu_4501
-
ciscotelepresence_mcu_mse_series_software
𝑥
≤ 4.3\(2.18\)
ciscotelepresence_mcu_mse_series_software
4.1\(1.51\)
ciscotelepresence_mcu_mse_series_software
4.1\(1.59\)
ciscotelepresence_mcu_mse_series_software
4.2\(1.43\)
ciscotelepresence_mcu_mse_series_software
4.2\(1.46\)
ciscotelepresence_mcu_mse_series_software
4.2\(1.50\)
ciscotelepresence_mcu_mse_series_software
4.3\(1.68\)
ciscotelepresence_mcu_mse_8510
-
ciscotelepresence_server_software
𝑥
≤ 2.2\(1.54\)
ciscotelepresence_server_software
2.1\(1.33\)
ciscotelepresence_server_software
2.1\(1.37\)
ciscotelepresence_server_software
2.2\(1.43\)
ciscotelepresence_server_7010
-
ciscotelepresence_server_mse_8710
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi