CVE-2011-2577
First published: Wed Aug 31 2011(Updated: )
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Codec C40 firmware | ||
| Cisco TelePresence Codec | ||
| Cisco TelePresence Codec | ||
| Cisco TelePresence EX60 | ||
| Cisco TelePresence EX90 | ||
| Cisco TelePresence C Series Software | <=tc3.1.4 | |
| Cisco TelePresence C Series Software | =tc3.0.0 | |
| Cisco TelePresence C Series Software | =tc3.1.0 | |
| Cisco TelePresence C Series Software | =tc3.1.1 | |
| Cisco TelePresence C Series Software | =tc3.1.2 | |
| Cisco TelePresence C Series Software | =tc3.1.3 | |
| Cisco TelePresence 6000 MXP | ||
| Cisco TelePresence 9000 MXP | ||
| Cisco TelePresence MXP | =f8.2 | |
| Cisco TelePresence MXP | =f9.0 | |
| Cisco TelePresence MXP | =f9.0.1 | |
| Cisco TelePresence MXP | =f9.0.2 | |
| Cisco TelePresence E20 | ||
| Cisco TelePresence E20 | =te2.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b91395.shtml
- http://www.securityfocus.com/bid/49392
- http://www.securitytracker.com/id?1025994
- http://www.exploit-db.com/exploits/17871
- http://securityreason.com/securityalert/8387
- http://securityreason.com/securityalert/8389
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69513
- http://www.securityfocus.com/archive/1/519698/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2011-2577?
CVE-2011-2577 is classified as a denial of service vulnerability that may cause affected Cisco devices to crash.
How do I fix CVE-2011-2577?
To fix CVE-2011-2577, upgrade affected Cisco TelePresence devices to TC version 4.0.0 or later or F9.1 or later.
What devices are affected by CVE-2011-2577?
CVE-2011-2577 affects various Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs running vulnerable software versions.
What type of attack does CVE-2011-2577 represent?
CVE-2011-2577 represents a remote denial of service attack via crafted SIP packets sent to specific ports.
Can CVE-2011-2577 be exploited remotely?
Yes, CVE-2011-2577 can be exploited remotely, allowing attackers to crash the affected devices.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco telepresence codec c40 firmware
- canonical/cisco telepresence codec
- canonical/cisco telepresence ex60
- canonical/cisco telepresence ex90
- canonical/cisco telepresence c series software
- version/cisco telepresence c series software/tc3.1.4
- version/cisco telepresence c series software/tc3.0.0
- version/cisco telepresence c series software/tc3.1.0
- version/cisco telepresence c series software/tc3.1.1
- version/cisco telepresence c series software/tc3.1.2
- version/cisco telepresence c series software/tc3.1.3
- canonical/cisco telepresence 6000 mxp
- canonical/cisco telepresence 9000 mxp
- canonical/cisco telepresence mxp
- version/cisco telepresence mxp/f8.2
- version/cisco telepresence mxp/f9.0
- version/cisco telepresence mxp/f9.0.1
- version/cisco telepresence mxp/f9.0.2
- canonical/cisco telepresence e20
- version/cisco telepresence e20/te2.2.1