Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cisco TelePresence CE and TC Software ICMP DoS Vulnerability (cisco-sa-20170503-ctp)

Information

Severity

Severity

Medium

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

5 years ago

Modified

Modified

3 years ago

Summary

The host is running Cisco TelePresence Endpoint and is prone to denial of service vulnerability.

Insight

Insight

The vulnerability is due to incomplete input validation for the size of a received ICMP packet.

Affected Software

Affected Software

Cisco TelePresence products when running software release CE8.1.0, CE8.0.0, CE8.1.1, CE8.2.0, CE8.2.1, CE8.2.2, CE 8.3.0, or CE8.3.1. Also TC4.2 through TC4.2.4, TC5.1.11, TC5.1.13, TC6.0.2 through TC6.0.4, TC6.1.3, TC6.1.4, TC6.3.1 through TC6.3.5, TC7.3.6, TC7.3.7, TC7.1.1 through TC7.1.4 are affected. This vulnerability affects the following Cisco TelePresence products, Spark Room OS, TelePresence DX Series, TelePresence MX Series, TelePresence SX Quick Set Series, and TelePresence SX Series.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Upgrade to Cisco TelePresence Collaboration Endpoint (CE) Software release 8.3.2 or later.

Common Vulnerabilities and Exposures (CVE)