CVE-2013-5516

The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796.

CVSS v2.0 6.3 MEDIUM

6.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:N/I:N/A:C

Exploitability : 6.8 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31028	Vendor Advisory
http://www.securitytracker.com/id/1029109
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31028	Vendor Advisory
http://www.securitytracker.com/id/1029109

Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:57

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516 - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516 - Vendor Advisory
References	~~() http://tools.cisco.com/security/center/viewAlert.x?alertId=31028 - Vendor Advisory~~	() http://tools.cisco.com/security/center/viewAlert.x?alertId=31028 - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1029109 -~~	() http://www.securitytracker.com/id/1029109 -

Information

Published : 2013-10-01 00:55

Updated : 2024-11-21 01:57

NVD link : CVE-2013-5516

Mitre link : CVE-2013-5516

CVE.ORG link : CVE-2013-5516

JSON object : View

Products Affected

cisco

telepresence_multipoint_switch

CWE

CWE-399

Resource Management Errors

{"id": "CVE-2013-5516", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-10-01T00:55:12.913", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31028", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1029109", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5516", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31028", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1029109", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796."}, {"lang": "es", "value": "La implementaci\u00f3n Media Snapshot en los dispositivos Cisco TelePresence Multipoint Switch (CTMS) permite a los usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (recarga de dispositivo) mediante el env\u00edo de muchas peticiones Media Snapshot en el momento de finalizaci\u00f3n de una reuni\u00f3n, aka Bug ID CSCuh44796."}], "lastModified": "2024-11-21T01:57:37.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_multipoint_switch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC3BECB-61EE-4668-B139-D46BCF5E0F69"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}