CVE-2011-0391
published 2011-02-25CVE-2011-0391: Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via…
PriorityP336high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
2.57%
83.2th percentile
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | telepresence_recording_server | — | — |
| cisco | telepresence_recording_server_software | — | — |
| cisco | telepresence_recording_server_software | — | — |
| cisco | telepresence_recording_server_software | — | — |
CVSS provenance
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Multiple Vulnerabilities in Cisco TelePresence Recording Server
vendor_cisco·2011-02-23·CVSS 10.0
CVE-2011-0382 [CRITICAL] CWE-264 Multiple Vulnerabilities in Cisco TelePresence Recording Server
Multiple Vulnerabilities in Cisco TelePresence Recording Server
Multiple vulnerabilities exist within the Cisco TelePresence Recording
Server. This security advisory outlines details of the following
vulnerabilities:
Unauthenticated Java Servlet Access
Common Gateway Interface (CGI) Command Injection
Unauthenticated Arbitrary File Upload
XML-Remote Procedure Call (RPC) Arbitrary File Overwrite
Cisco Discovery Protocol Remote Code Execution
Ad Hoc Recording Denial of Service
Java Remote method Invocation (RMI) Denial of Service
Unauthenticated XML-RPC Interface
Duplicate Issue Identification in Other Cisco TelePresence Advisories
The Unauthenticated Java Servlet Access vulnerability affects the Cisco
TelePresence Multipoint Switch and Recording Server. The defect that is r
Cisco
Multiple Vulnerabilities in Cisco TelePresence Recording Server
vendor_cisco
CVE-2011-0391 Multiple Vulnerabilities in Cisco TelePresence Recording Server
CVE-2011-0391: Multiple Vulnerabilities in Cisco TelePresence Recording Server
Multiple vulnerabilities exist within the Cisco TelePresence Recording Server. This security advisory outlines
CWE: CWE-264, CWE-287, CWE-399, CWE-264, CWE-287, CWE-399
Bug IDs: CSCtf42008, CSCtf42005, CSCth61065, CSCth85786, CSCtd75754
GHSA
GHSA-2c4f-33fr-h9q2: Cisco TelePresence Recording Server devices with software 1
ghsa_unreviewed·2022-05-17
CVE-2011-0391 [HIGH] GHSA-2c4f-33fr-h9q2: Cisco TelePresence Recording Server devices with software 1
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtmlhttp://www.securityfocus.com/bid/46522http://www.securitytracker.com/id?1025114https://exchange.xforce.ibmcloud.com/vulnerabilities/65607http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtmlhttp://www.securityfocus.com/bid/46522http://www.securitytracker.com/id?1025114https://exchange.xforce.ibmcloud.com/vulnerabilities/65607
2011-02-25
Published