Synopsis
The videoconferencing switch running on the remote host is affected by multiple vulnerabilities.

Description
According to its self-reported version number, the version of Cisco TelePresence Multipoint Switch running on the remote host is earlier than 1.7.0 and, therefore, has the following vulnerabilities:
- Servlets used to perform administrative actions are accessible without authentication. (CVE-2011-0383, CVE-2011-0384, CVE-2011-0387)
- Unauthenticated attackers can upload files to arbitrary locations. (CVE-2011-0385)
- An unauthenticated attacker on the same network segment could send a malicious Cisco Discovery Protocol packet, resulting in a buffer overflow. (CVE-2011-0379)
- Java RMI access is not properly restricted, which could allow an unauthenticated, remote attacker to cause a denial of service. (CVE-2011-0388)
- Receiving a malicious RTCP packet could cause the call control process to crash. (CVE-2011-0389)

A remote, unauthenticated attacker could potentially exploit the most severe of these vulnerabilities to take complete control of the host.

Solution
Upgrade to Cisco TelePresence Multipoint Switch 1.7.0 or later.