A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition.
The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-rf-gateway-1 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-rf-gateway-1”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | rf_gateway_1_firmware | any | cpe:2.3:o:cisco:rf_gateway_1_firmware:any:*:*:*:*:*:*:* |
cisco | rf_gateway_1_firmware | 1 | cpe:2.3:o:cisco:rf_gateway_1_firmware:1:*:*:*:*:*:*:* |