Lucene search

[email protected]NVD:CVE-2017-6790

HistoryAug 17, 2017 - 8:29 p.m.

CVE-2017-6790

2017-08-1720:29:00

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance. The vulnerability is due to excessive SIP traffic sent to the device. An attacker could exploit this vulnerability by transmitting large volumes of SIP traffic to the VCS. An exploit could allow the attacker to cause a complete DoS condition on the targeted system. Cisco Bug IDs: CSCve32897.

Affected configurations

Nvd

Node

ciscotelepresence_video_communication_serverMatchx8.7

ciscotelepresence_video_communication_serverMatchx8.7.1

ciscotelepresence_video_communication_serverMatchx8.7.2

ciscotelepresence_video_communication_serverMatchx8.7.3

ciscotelepresence_video_communication_serverMatchx8.8

ciscotelepresence_video_communication_serverMatchx8.9

VendorProductVersionCPE
ciscotelepresence_video_communication_serverx8.7cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7:*:*:*:*:*:*:*
ciscotelepresence_video_communication_serverx8.7.1cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.1:*:*:*:*:*:*:*
ciscotelepresence_video_communication_serverx8.7.2cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.2:*:*:*:*:*:*:*
ciscotelepresence_video_communication_serverx8.7.3cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.3:*:*:*:*:*:*:*
ciscotelepresence_video_communication_serverx8.8cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8:*:*:*:*:*:*:*
ciscotelepresence_video_communication_serverx8.9cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_video_communication_server	x8.7	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7:::::::*
cisco	telepresence_video_communication_server	x8.7.1	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.1:::::::*
cisco	telepresence_video_communication_server	x8.7.2	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.2:::::::*
cisco	telepresence_video_communication_server	x8.7.3	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.3:::::::*
cisco	telepresence_video_communication_server	x8.8	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8:::::::*
cisco	telepresence_video_communication_server	x8.9	cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9:::::::*

References

www.securityfocus.com/bid/100369

www.securitytracker.com/id/1039185

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-vcs

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Related for NVD:CVE-2017-6790

cve1 prion1 cisco1 cvelist1