CVE-2013-1176: Input Validation
First published: Thu Apr 18 2013(Updated: )
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence MCU 4501 series software | <=4.3\(2.18\) | |
| Cisco TelePresence MCU 4501 series software | =4.1\(1.51\) | |
| Cisco TelePresence MCU 4501 series software | =4.1\(1.59\) | |
| Cisco TelePresence MCU 4501 series software | =4.2\(1.43\) | |
| Cisco TelePresence MCU 4501 series software | =4.2\(1.46\) | |
| Cisco TelePresence MCU 4501 series software | =4.2\(1.50\) | |
| Cisco TelePresence MCU 4501 series software | =4.3\(1.68\) | |
| Cisco TelePresence MCU 4505 | ||
| Cisco TelePresence MCU 4510 | ||
| Cisco TelePresence MCU 4515 | ||
| Cisco TelePresence MCU 4520 | ||
| Cisco TelePresence MCU 4501 | <=4.3\(2.18\) | |
| Cisco TelePresence MCU 4501 | =4.1\(1.51\) | |
| Cisco TelePresence MCU 4501 | =4.1\(1.59\) | |
| Cisco TelePresence MCU 4501 | =4.2\(1.43\) | |
| Cisco TelePresence MCU 4501 | =4.2\(1.46\) | |
| Cisco TelePresence MCU 4501 | =4.2\(1.50\) | |
| Cisco TelePresence MCU 4501 | =4.3\(1.68\) | |
| Cisco TelePresence MCU 4501 series software | ||
| Cisco TelePresence MCU MSE series software | <=4.3\(2.18\) | |
| Cisco TelePresence MCU MSE series software | =4.1\(1.51\) | |
| Cisco TelePresence MCU MSE series software | =4.1\(1.59\) | |
| Cisco TelePresence MCU MSE series software | =4.2\(1.43\) | |
| Cisco TelePresence MCU MSE series software | =4.2\(1.46\) | |
| Cisco TelePresence MCU MSE series software | =4.2\(1.50\) | |
| Cisco TelePresence MCU MSE series software | =4.3\(1.68\) | |
| Cisco TelePresence MCU MSE 8510 | ||
| Cisco TelePresence Server Software | <=2.2\(1.54\) | |
| Cisco TelePresence Server Software | =2.1\(1.33\) | |
| Cisco TelePresence Server Software | =2.1\(1.37\) | |
| Cisco TelePresence Server Software | =2.2\(1.43\) | |
| Cisco TelePresence Server 7010 | ||
| Cisco TelePresence Server MSE 8710 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1176?
The severity of CVE-2013-1176 is classified as high due to the potential for a denial of service.
How do I fix CVE-2013-1176?
To fix CVE-2013-1176, upgrade to the latest recommended version of the affected Cisco software.
Which devices are affected by CVE-2013-1176?
CVE-2013-1176 affects Cisco TelePresence MCU 4500, 4501, MSE 8510, and TelePresence Server devices running vulnerable versions.
What type of attack does CVE-2013-1176 involve?
CVE-2013-1176 involves a denial of service attack that can cause affected devices to reload.
When was CVE-2013-1176 disclosed?
CVE-2013-1176 was disclosed in April 2013 following a security advisory from Cisco.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco telepresence mcu 4501 series software
- version/cisco telepresence mcu 4501 series software/4.3\(2.18\)
- version/cisco telepresence mcu 4501 series software/4.1\(1.51\)
- version/cisco telepresence mcu 4501 series software/4.1\(1.59\)
- version/cisco telepresence mcu 4501 series software/4.2\(1.43\)
- version/cisco telepresence mcu 4501 series software/4.2\(1.46\)
- version/cisco telepresence mcu 4501 series software/4.2\(1.50\)
- version/cisco telepresence mcu 4501 series software/4.3\(1.68\)
- canonical/cisco telepresence mcu 4505
- canonical/cisco telepresence mcu 4510
- canonical/cisco telepresence mcu 4515
- canonical/cisco telepresence mcu 4520
- canonical/cisco telepresence mcu 4501
- version/cisco telepresence mcu 4501/4.3\(2.18\)
- version/cisco telepresence mcu 4501/4.1\(1.51\)
- version/cisco telepresence mcu 4501/4.1\(1.59\)
- version/cisco telepresence mcu 4501/4.2\(1.43\)
- version/cisco telepresence mcu 4501/4.2\(1.46\)
- version/cisco telepresence mcu 4501/4.2\(1.50\)
- version/cisco telepresence mcu 4501/4.3\(1.68\)
- canonical/cisco telepresence mcu mse series software
- version/cisco telepresence mcu mse series software/4.3\(2.18\)
- version/cisco telepresence mcu mse series software/4.1\(1.51\)
- version/cisco telepresence mcu mse series software/4.1\(1.59\)
- version/cisco telepresence mcu mse series software/4.2\(1.43\)
- version/cisco telepresence mcu mse series software/4.2\(1.46\)
- version/cisco telepresence mcu mse series software/4.2\(1.50\)
- version/cisco telepresence mcu mse series software/4.3\(1.68\)
- canonical/cisco telepresence mcu mse 8510
- canonical/cisco telepresence server software
- version/cisco telepresence server software/2.2\(1.54\)
- version/cisco telepresence server software/2.1\(1.33\)
- version/cisco telepresence server software/2.1\(1.37\)
- version/cisco telepresence server software/2.2\(1.43\)
- canonical/cisco telepresence server 7010
- canonical/cisco telepresence server mse 8710