Sign-up

ID

VAR-201305-0113


CVE

CVE-2013-1236


TITLE

Cisco TelePresence Supervisor MSE 8050 Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002732

DESCRIPTION

Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing TCP connections at a high rate, aka Bug IDs CSCuf76076 and CSCuf79763. Successfully exploiting this issue may allow an attacker to cause high CPU utilization and reload of the affected system resulting in denial of service conditions. This issue is being tracked by Cisco Bug IDs CSCuf76076 and CSCuf79763

Trust: 1.98

sources: NVD: CVE-2013-1236 // JVNDB: JVNDB-2013-002732 // BID: 59879 // VULHUB: VHN-61238

AFFECTED PRODUCTS

vendor:ciscomodel:telepresence supervisor mse 8050 softwarescope:lteversion:2.2\(1.17\)

Trust: 1.0

vendor:ciscomodel:telepresence supervisor mse 8050scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence supervisor mse 8050scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence supervisor mse 8050 softwarescope:ltversion:2.3(1.31)

Trust: 0.8

vendor:ciscomodel:telepresence supervisor mse 8050 softwarescope:eqversion:2.2\(1.17\)

Trust: 0.6

sources: JVNDB: JVNDB-2013-002732 // CNNVD: CNNVD-201305-303 // NVD: CVE-2013-1236

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1236
value: HIGH

Trust: 1.0

NVD: CVE-2013-1236
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201305-303
value: HIGH

Trust: 0.6

VULHUB: VHN-61238
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-1236
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-61238
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-61238 // JVNDB: JVNDB-2013-002732 // CNNVD: CNNVD-201305-303 // NVD: CVE-2013-1236

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-61238 // JVNDB: JVNDB-2013-002732 // NVD: CVE-2013-1236

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201305-303

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201305-303

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002732

PATCH
title:cisco-sa-20130515-mseurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130515-mse
Trust: 0.8
title:29262url:http://tools.cisco.com/security/center/viewAlert.x?alertId=29262
Trust: 0.8
title:cisco-sa-20130515-mseurl:http://www.cisco.com/cisco/web/support/JP/111/1118/1118113_cisco-sa-20130515-mse-j.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-002732

EXTERNAL IDS
db:NVDid:CVE-2013-1236
Trust: 2.8
db:BIDid:59879
Trust: 1.0
db:JVNDBid:JVNDB-2013-002732
Trust: 0.8
db:CNNVDid:CNNVD-201305-303
Trust: 0.7
db:CISCOid:20130515 CISCO TELEPRESENCE SUPERVISOR MSE 8050 DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:NSFOCUSid:23707
Trust: 0.6
db:VULHUBid:VHN-61238
Trust: 0.1
sources:
            
            
            VULHUB: VHN-61238 // 
            
            
            
            BID: 59879 // 
            
            
            
            JVNDB: JVNDB-2013-002732 // 
            
            
            
            CNNVD: CNNVD-201305-303 // 
            
            
            
            NVD: CVE-2013-1236

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130515-mse
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1236
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1236
Trust: 0.8
url:http://www.securityfocus.com/bid/59879
Trust: 0.6
url:http://www.nsfocus.net/vulndb/23707
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-61238 // 
            
            
            
            BID: 59879 // 
            
            
            
            JVNDB: JVNDB-2013-002732 // 
            
            
            
            CNNVD: CNNVD-201305-303 // 
            
            
            
            NVD: CVE-2013-1236

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 59879 // 
            
            
            
            CNNVD: CNNVD-201305-303

SOURCES
db:VULHUBid:VHN-61238
db:BIDid:59879
db:JVNDBid:JVNDB-2013-002732
db:CNNVDid:CNNVD-201305-303
db:NVDid:CVE-2013-1236

LAST UPDATE DATE
2024-11-23T22:02:24.007000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-61238date:2013-05-16T00:00:00
db:BIDid:59879date:2013-05-15T00:00:00
db:JVNDBid:JVNDB-2013-002732date:2013-05-17T00:00:00
db:CNNVDid:CNNVD-201305-303date:2013-06-18T00:00:00
db:NVDid:CVE-2013-1236date:2024-11-21T01:49:10.220

SOURCES RELEASE DATE
db:VULHUBid:VHN-61238date:2013-05-16T00:00:00
db:BIDid:59879date:2013-05-15T00:00:00
db:JVNDBid:JVNDB-2013-002732date:2013-05-17T00:00:00
db:CNNVDid:CNNVD-201305-303date:2013-05-17T00:00:00
db:NVDid:CVE-2013-1236date:2013-05-16T03:36:22.727