CVE-2012-2486
Cisco TelePresence Multipoint Switch < 1.9.0 - Remote Code Execution via Malformed CDP Packet
Title source: llmDescription
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.
References (4)
Core 4
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs
Scores
EPSS
0.0175
EPSS Percentile
75.0%
Details
CWE
CWE-94
Status
published
Products (50)
cisco/telepresence_manager
1.1.0.0
cisco/telepresence_manager
1.1.0.0\(209\)
cisco/telepresence_manager
1.2.0.0
cisco/telepresence_manager
1.2.0.0\(200\)
cisco/telepresence_manager
1.3.2\(466\)
cisco/telepresence_manager
1.4.0\(279\)
cisco/telepresence_manager
1.5.1\(420\)
cisco/telepresence_manager
1.5.2\(423\)
cisco/telepresence_manager
1.6.0\(220\)
cisco/telepresence_manager
1.6.2\(64\)
... and 40 more
Published
Jul 12, 2012
Tracked Since
Feb 18, 2026