Sign-up

ID

VAR-201307-0230


CVE

CVE-2013-3401


TITLE

Cisco TelePresence TC Software SIP Unintentional in the implementation of NOTIFY Vulnerabilities that trigger the use of messages

Trust: 0.8

sources: JVNDB: JVNDB-2013-003181

DESCRIPTION

The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. Vendors have confirmed this vulnerability Bug ID CSCud96080 It is released as.Not intended by third parties NOTIFY May trigger the use of messages. Exploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions on the affected device. This issue is being tracked by Cisco Bug ID CSCud96080. Cisco TelePresence is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect

Trust: 1.98

sources: NVD: CVE-2013-3401 // JVNDB: JVNDB-2013-003181 // BID: 60908 // VULHUB: VHN-63403

AFFECTED PRODUCTS

vendor:ciscomodel:telepresence tc softwarescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.4

Trust: 0.3

sources: BID: 60908 // JVNDB: JVNDB-2013-003181 // CNNVD: CNNVD-201307-044 // NVD: CVE-2013-3401

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3401
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-3401
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201307-044
value: MEDIUM

Trust: 0.6

VULHUB: VHN-63403
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-3401
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-63403
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-63403 // JVNDB: JVNDB-2013-003181 // CNNVD: CNNVD-201307-044 // NVD: CVE-2013-3401

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-3401

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-044

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201307-044

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003181

PATCH
title:Cisco TC Software SIP Implementation Error May Affect Communications Integrityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3401
Trust: 0.8
title:29851url:http://tools.cisco.com/security/center/viewAlert.x?alertId=29851
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-003181

EXTERNAL IDS
db:NVDid:CVE-2013-3401
Trust: 2.8
db:JVNDBid:JVNDB-2013-003181
Trust: 0.8
db:CNNVDid:CNNVD-201307-044
Trust: 0.7
db:CISCOid:20130629 CISCO TC SOFTWARE SIP IMPLEMENTATION ERROR MAY AFFECT COMMUNICATIONS INTEGRITY
Trust: 0.6
db:BIDid:60908
Trust: 0.4
db:VULHUBid:VHN-63403
Trust: 0.1
sources:
            
            
            VULHUB: VHN-63403 // 
            
            
            
            BID: 60908 // 
            
            
            
            JVNDB: JVNDB-2013-003181 // 
            
            
            
            CNNVD: CNNVD-201307-044 // 
            
            
            
            NVD: CVE-2013-3401

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3401
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3401
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3401
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=29851
Trust: 0.3
url:tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3401
Trust: 0.3
sources:
            
            
            VULHUB: VHN-63403 // 
            
            
            
            BID: 60908 // 
            
            
            
            JVNDB: JVNDB-2013-003181 // 
            
            
            
            CNNVD: CNNVD-201307-044 // 
            
            
            
            NVD: CVE-2013-3401

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 60908

SOURCES
db:VULHUBid:VHN-63403
db:BIDid:60908
db:JVNDBid:JVNDB-2013-003181
db:CNNVDid:CNNVD-201307-044
db:NVDid:CVE-2013-3401

LAST UPDATE DATE
2025-04-11T23:15:25.956000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-63403date:2013-07-02T00:00:00
db:BIDid:60908date:2013-06-29T00:00:00
db:JVNDBid:JVNDB-2013-003181date:2013-07-03T00:00:00
db:CNNVDid:CNNVD-201307-044date:2013-07-04T00:00:00
db:NVDid:CVE-2013-3401date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-63403date:2013-07-02T00:00:00
db:BIDid:60908date:2013-06-29T00:00:00
db:JVNDBid:JVNDB-2013-003181date:2013-07-03T00:00:00
db:CNNVDid:CNNVD-201307-044date:2013-07-04T00:00:00
db:NVDid:CVE-2013-3401date:2013-07-02T03:43:34.677