cbcvebase.
CVE-2011-0388
published 2011-02-25

CVE-2011-0388: Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and…

PriorityP339high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
2.60%
83.4th percentile
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825.

Affected

20 ranges
VendorProductVersion rangeFixed in
ciscotelepresence_multipoint_switch
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_multipoint_switch_software
ciscotelepresence_recording_server_software
ciscotelepresence_recording_server_software
ciscotelepresence_recording_server_software

CVSS provenance

nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
vendor_cisco8.0HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.