CVE-2011-0388

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

Published: Feb 25, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0388
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
cisco / telepresence_recording_server_software	1.6.1	1.6.1.x
cisco / telepresence_recording_server_software	1.6.2	1.6.2.x
cisco / telepresence_recording_server_software	1.6.3	1.6.3.x
cisco / telepresence_recording_server	-	-
cisco / telepresence_multipoint_switch_software	1.0.4.0	1.0.4.0.x
cisco / telepresence_multipoint_switch_software	1.1.0	1.1.0.x
cisco / telepresence_multipoint_switch_software	1.1.1	1.1.1.x
cisco / telepresence_multipoint_switch_software	1.1.2	1.1.2.x
cisco / telepresence_multipoint_switch_software	1.5.0	1.5.0.x
cisco / telepresence_multipoint_switch_software	1.5.1	1.5.1.x
cisco / telepresence_multipoint_switch_software	1.5.2	1.5.2.x
cisco / telepresence_multipoint_switch_software	1.5.3	1.5.3.x
cisco / telepresence_multipoint_switch_software	1.5.4	1.5.4.x
cisco / telepresence_multipoint_switch_software	1.5.5	1.5.5.x
cisco / telepresence_multipoint_switch_software	1.5.6	1.5.6.x
cisco / telepresence_multipoint_switch_software	1.6.0	1.6.0.x
cisco / telepresence_multipoint_switch_software	1.6.1	1.6.1.x
cisco / telepresence_multipoint_switch_software	1.6.2	1.6.2.x
cisco / telepresence_multipoint_switch_software	1.6.3	1.6.3.x
cisco / telepresence_multipoint_switch_software	1.6.4	1.6.4.x
cisco / telepresence_multipoint_switch	-	-

Vulnerability Database

289,697

CVE-2011-0388