Sign-up

ID

VAR-201306-0160


CVE

CVE-2013-3377


TITLE

Cisco TelePresence TC Software and TE Software Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003093

DESCRIPTION

Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743. Multiple Cisco TelePresence Products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCue01743. The following products are vulnerable: Versions prior to Cisco TelePresence MX Series TC5.1.7 Versions prior to Cisco TelePresence System EX Series TC5.1.7 Versions prior to Cisco TelePresence Integrator C Series TC5.1.7 Versions prior to Cisco TelePresence Profiles Series running TC5.1.7 Versions prior to Cisco TelePresence Quick Set Series TC5.1.7 Versions prior to Cisco IP Video Phone E20 TE4.1.3. Cisco TelePresence is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect

Trust: 2.07

sources: NVD: CVE-2013-3377 // JVNDB: JVNDB-2013-003093 // BID: 60678 // VULHUB: VHN-63379 // VULMON: CVE-2013-3377

AFFECTED PRODUCTS

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.0

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.1

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.1

Trust: 1.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.1

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.2

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.2

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.3

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.4

Trust: 1.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.0

Trust: 1.6

vendor:ciscomodel:telepresence mx200scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence mx300scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence codec c90scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence codec c60scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence profile 65scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence quick set c20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.0

Trust: 1.0

vendor:ciscomodel:telepresence codec c40scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.5

Trust: 1.0

vendor:ciscomodel:ip video phone e20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence quick set sx20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence profile 55scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence te softwarescope:lteversion:4.1.2

Trust: 1.0

vendor:ciscomodel:telepresence ex90scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:lteversion:5.1.6

Trust: 1.0

vendor:ciscomodel:telepresence ex60scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:telepresence profile 65scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence te softwarescope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:telepresence codec c60scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence codec c90scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence ex90scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence ex60scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence codec c40scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence profile 55scope: - version: -

Trust: 0.8

vendor:ciscomodel:ip video phone e20 softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.3

Trust: 0.8

vendor:ciscomodel:telepresence sx20 quick setscope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence tc softwarescope:ltversion:5.x

Trust: 0.8

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.7

Trust: 0.8

vendor:ciscomodel:telepresence te softwarescope:ltversion:4.x

Trust: 0.8

vendor:ciscomodel:telepresence mx200scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence mx300scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence quick set c20scope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.2

Trust: 0.6

sources: JVNDB: JVNDB-2013-003093 // CNNVD: CNNVD-201306-382 // NVD: CVE-2013-3377

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3377
value: HIGH

Trust: 1.0

NVD: CVE-2013-3377
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201306-382
value: HIGH

Trust: 0.6

VULHUB: VHN-63379
value: HIGH

Trust: 0.1

VULMON: CVE-2013-3377
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-3377
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-63379
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-63379 // VULMON: CVE-2013-3377 // JVNDB: JVNDB-2013-003093 // CNNVD: CNNVD-201306-382 // NVD: CVE-2013-3377

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-63379 // JVNDB: JVNDB-2013-003093 // NVD: CVE-2013-3377

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201306-382

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201306-382

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003093

PATCH
title:cisco-sa-20130619-tpcurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc
Trust: 0.8
title:29653url:http://tools.cisco.com/security/center/viewAlert.x?alertId=29653
Trust: 0.8
title:cisco-sa-20130619-tpcurl:http://www.cisco.com/cisco/web/support/JP/111/1118/1118409_cisco-sa-20130619-tpc-j.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-003093

EXTERNAL IDS
db:NVDid:CVE-2013-3377
Trust: 2.9
db:BIDid:60678
Trust: 1.0
db:JVNDBid:JVNDB-2013-003093
Trust: 0.8
db:CNNVDid:CNNVD-201306-382
Trust: 0.7
db:CISCOid:20130619 MULTIPLE VULNERABILITIES IN CISCO TELEPRESENCE TC AND TE SOFTWARE
Trust: 0.6
db:VULHUBid:VHN-63379
Trust: 0.1
db:VULMONid:CVE-2013-3377
Trust: 0.1
sources:
            
            
            VULHUB: VHN-63379 // 
            
            
            
            VULMON: CVE-2013-3377 // 
            
            
            
            BID: 60678 // 
            
            
            
            JVNDB: JVNDB-2013-003093 // 
            
            
            
            CNNVD: CNNVD-201306-382 // 
            
            
            
            NVD: CVE-2013-3377

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130619-tpc
Trust: 2.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3377
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3377
Trust: 0.8
url:http://www.securityfocus.com/bid/60678
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=29653
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/399.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-63379 // 
            
            
            
            VULMON: CVE-2013-3377 // 
            
            
            
            BID: 60678 // 
            
            
            
            JVNDB: JVNDB-2013-003093 // 
            
            
            
            CNNVD: CNNVD-201306-382 // 
            
            
            
            NVD: CVE-2013-3377

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 60678 // 
            
            
            
            CNNVD: CNNVD-201306-382

SOURCES
db:VULHUBid:VHN-63379
db:VULMONid:CVE-2013-3377
db:BIDid:60678
db:JVNDBid:JVNDB-2013-003093
db:CNNVDid:CNNVD-201306-382
db:NVDid:CVE-2013-3377

LAST UPDATE DATE
2024-08-14T13:58:17.671000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-63379date:2013-06-21T00:00:00
db:VULMONid:CVE-2013-3377date:2013-06-21T00:00:00
db:BIDid:60678date:2013-06-19T00:00:00
db:JVNDBid:JVNDB-2013-003093date:2013-06-24T00:00:00
db:CNNVDid:CNNVD-201306-382date:2013-06-24T00:00:00
db:NVDid:CVE-2013-3377date:2013-06-21T17:29:29.187

SOURCES RELEASE DATE
db:VULHUBid:VHN-63379date:2013-06-21T00:00:00
db:VULMONid:CVE-2013-3377date:2013-06-21T00:00:00
db:BIDid:60678date:2013-06-19T00:00:00
db:JVNDBid:JVNDB-2013-003093date:2013-06-24T00:00:00
db:CNNVDid:CNNVD-201306-382date:2013-06-24T00:00:00
db:NVDid:CVE-2013-3377date:2013-06-21T13:57:25.623