-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in Cisco
TelePresence Multipoint Switch

Advisory ID: cisco-sa-20110223-telepresence-ctms

Revision 1.0

For Public Release 2011 February 23

+---------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities exist within the Cisco TelePresence
Multipoint Switch. This security advisory outlines details of the
following vulnerabilities:
* Unauthenticated Java Servlet Access
* Unauthenticated Arbitrary File Upload
* Cisco Discovery Protocol Remote Code Execution
* Unauthorized Servlet Access
* Java RMI Denial of Service
* Real-Time Transport Control Protocol Denial of Service
* XML-Remote Procedure Call (RPC) Denial of Service

Duplicate Issue Identification in Other Cisco TelePresence Advisories
+--------------------------------------------------------------------

The Unauthenticated Java Servlet Access vulnerability affects the
Cisco TelePresence Multipoint Switch and Recording Server. The defect
as related to each component is covered in each associated advisory.
The Cisco bug IDs for these defects are as follows:

  * Cisco TelePresence Multipoint Switch - CSCtf42008
  * Cisco TelePresence Recording Server - CSCtf42005

The Unauthenticated Arbitrary File Upload vulnerability affects the
Cisco TelePresence Multipoint Switch and Recording Server. The defect
as related to each component is covered in each associated advisory.
The Cisco bug IDs for these defects are as follows:

  * Cisco TelePresence Multipoint Switch - CSCth61065
  * Cisco TelePresence Recording Server - CSCth85786

The Cisco Discovery Protocol Remote Code Execution vulnerability
affects Cisco TelePresence endpoint devices, Manager, Multipoint
Switch, and Recording Server. The defect as related to each component
is covered in each associated advisory. The Cisco bug IDs for these
defects are as follows:

  * Cisco TelePresence endpoint devices - CSCtd75754
  * Cisco TelePresence Manager - CSCtd75761
  * Cisco TelePresence Multipoint Switch - CSCtd75766
  * Cisco TelePresence Recording Server - CSCtd75769

The Java RMI Denial of Service vulnerability affects the Cisco
TelePresence Multipoint Switch and Recording Server. The defect as
related to each component is covered in each associated advisory. The
Cisco bug IDs for these defects are as follows:

  * Cisco TelePresence Multipoint Switch - CSCtg35830
  * Cisco TelePresence Recording Server - CSCtg35825

This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20110223-telepresence-ctms.shtml.

Affected Products
=================

These vulnerabilities affect the Cisco TelePresence Multipoint
Switch. All releases of Cisco TelePresence System Software prior to
1.7.1 are affected by one or more of the vulnerabilities listed in
this advisory.
The following table provides information pertaining to affected
software releases:

+---------------------------------------------+
|                  |  Cisco Bug  |  Affected  |
|   Description    |     ID      |  Software  |
|                  |             |  Releases  |
|------------------+-------------+------------|
| Unauthenticated  |             | 1.0.x,     |
| Java Servlet     | CSCtf01253  | 1.1.x,     |
| Access           |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
| Unauthenticated  |             | 1.0.x,     |
| Java Servlet     | CSCtf42008  | 1.1.x,     |
| Access           |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
| Unauthenticated  |             | 1.0.x,     |
| Arbitrary File   | CSCth61065  | 1.1.x,     |
| Upload           |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
| Cisco Discovery  |             | 1.0.x,     |
| Protocol Remote  | CSCtd75766  | 1.1.x,     |
| Code Execution   |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
|                  |             | 1.0.x,     |
| Unauthorized     | CSCtf97164  | 1.1.x,     |
| Servlet Access   |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
|                  |             | 1.0.x,     |
| Java RMI Denial  | CSCtg35825  | 1.1.x,     |
| of Service       |             | 1.5.x,     |
|                  |             | 1.6.x      |
|------------------+-------------+------------|
| Real-Time        |             | 1.0.x,     |
| Transport        |             | 1.1.x,     |
| Control          | CSCth60993  | 1.5.x,     |
| Protocol Denial  |             | 1.6.x      |
| of Service       |             |            |
|------------------+-------------+------------|
|                  |             | 1.0.x,     |
| XML-RPC Denial   |             | 1.1.x,     |
| of Service       | CSCtj44534  | 1.5.x,     |
|                  |             | 1.6.x,     |
|                  |             | 1.7.0      |
+---------------------------------------------+

Vulnerable Products