Cisco TelePresence System MXP series management flow creation Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems:
Cisco TelePresence Systems (CTS)
Description:
CVE (CAN) ID: CVE-2014-3362
Cisco TelePresence is a Cisco TelePresence solution that provides ultra-high-definition video images (1080 p) in real size, CD-quality audio, specially designed environments, and interactive components, this provides a "face-to-face" meeting experience for remote participants.
Cisco TelePresence System MXP Series F9.1 has a security vulnerability when creating a management stream. Attackers can exploit this vulnerability to obtain memory information by constructing management requests, then, Telnet can exploit this vulnerability to cause DOS.
<* Source: vendor
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3362
This article permanently updates the link address: