CVE-2021-34758

CWE-732Incorrect Permission Assignment4 documents4 sources
Severity
3.3LOW
EPSS
0.1%
top 71.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cisco RoomosCisco Telepresence Collaboration EndpointCisco Cisco Roomos Software
Timeline
PublishedOct 6
Latest updateMay 24

Description

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient access controls to a shared memory resource. An attacker could exploit this vulnerability by corrupting a shared memory segment on an affected device. A successful exploit could allow the attacker to c

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 1.8 | Impact: 2.5

Affected Packages3 packages

NVDcisco/roomos< 10.7.1.2

🔴Vulnerability Details

2
GHSA
GHSA-m9hj-8j64-3cfq: A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authentic2022-05-24
CVEList
Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerability2021-10-06

📋Vendor Advisories

1
Cisco
Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerability2021-10-06
CVE-2021-34758 (LOW CVSS 3.3) | A vulnerability in the memory manag | cvebase.io