CVE-2012-2486

high Cisco
CVSS v3 Base Score
8.3
AV:A/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
1.0%
Exploitation probability in 30 days
Top 23% most likely to be exploited
Attack Characteristics
Attack Vector
Adjacent
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: July 12, 2012 (5054 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.

CWE

CWE-94

Affected Products

cisco telepresence multipoint switch softwarecisco telepresence multipoint switchcisco telepresence system softwarecisco telepresence system 1300 65cisco telepresence system 3000cisco telepresence system 3010cisco telepresence system 3200cisco telepresence system 3210cisco telepresence system t3cisco telepresence system tx1300 47

References

🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 tools.cisco.com