PT-2011-3923 · Cisco · Cisco Telepresence System Integrator C Series
David Klein
Published: 2011-09-23
Updated: 2018-10-09
CVE-2011-2543
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Cisco Telepresence System Integrator C Series versions 4.x before 4.2.0
Description
A buffer overflow in the cuil component allows remote authenticated users to cause a denial of service, such as an endpoint reboot or process crash, or possibly execute arbitrary code. This can be achieved by sending a long location parameter to the getxml program.
Recommendations
For versions 4.x before 4.2.0, update to version 4.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the getxml program to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Telepresence System Integrator C Series