Lucene search

CiscoCISCO-SA-20140122-VCS

HistoryJan 22, 2014 - 4:00 p.m.

Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability

2014-01-2216:00:00

tools.cisco.com

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.012

Percentile

85.0%

JSON

Cisco
TelePresence Video Communication Server (VCS) contains a vulnerability that could allow an
unauthenticated, remote attacker to trigger the failure of several critical processes which may cause active call to be dropped and prevent users from making new calls until the affected system is reloaded.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs”]

Affected configurations

Vulners

Node

ciscotelepresence_video_communication_serverMatchany

VendorProductVersionCPE
ciscotelepresence_video_communication_serveranycpe:2.3:h:cisco:telepresence_video_communication_server:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_video_communication_server	any	cpe:2.3:h:cisco:telepresence_video_communication_server:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.012

Percentile

85.0%

JSON

Related for CISCO-SA-20140122-VCS