5.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
46.7%
A vulnerability in Cisco Digital Content Manager (DCM) could allow an unauthenticated, remote attacker to crash the system mainboard.
The vulnerability is due to the DCM receiving malformed ad messages from the ad server, which could trigger a system reboot. An attacker could exploit this vulnerability by sending malicious ad messages to the DCM. A successful exploit could cause the system to reboot, resulting in a denial of service (DoS) condition.
Cisco has confirmed the vulnerability and released software updates.
To exploit this vulnerability, the attacker must obtain information about the operating environment and the system must be configured in a way rarely seen in practice. The attacker may use social engineering techniques to attempt to obtain information about the operating environment in which the targeted system resides.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
CPE | Name | Operator | Version |
---|---|---|---|
cisco digital content manager (dcm) software | eq | any | |
cisco digital content manager (dcm) software | eq | any |