CVE-2011-0388

Name of the Vulnerable Software and Affected Versions Cisco TelePresence Recording Server devices version 1.6.x Cisco TelePresence Multipoint Switch (CTMS) devices versions 1.0.x through 1.6.x

Description The issue is related to improper restriction of remote access to the Java servlet RMI interface. This allows remote attackers to cause a denial of service, resulting in memory consumption and web outage, via multiple crafted requests.

Recommendations For Cisco TelePresence Recording Server devices version 1.6.x: Restrict access to the Java servlet RMI interface to minimize the risk of exploitation. For Cisco TelePresence Multipoint Switch (CTMS) devices versions 1.0.x through 1.6.x: Restrict access to the Java servlet RMI interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.