Executive Summary

Summary
Title Cisco Videoscape Distribution Suite Cache Server Denial of Service Vulnerability
Informations
Name cisco-sa-20170802-vds First vendor Publication 2017-08-02
Vendor Cisco Last vendor Modification 2017-08-02
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance.

The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds"]

BEGIN PGP SIGNATURE

iQKBBAEBAgBrBQJZgfnFZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHkqFBAA5Tgi3LkNhCNvcNMl hhM2aGGp2WohYNPDz/R09bc1FlCGJXj5sja2lUa+hXMfGW/R8r/J0UtPTylapDUD 2TMXNrm0vnf/gc6trr3BD369ESIoh7EH/UJwxSshO2kGqJtSmvVuWQSH5ism4fp2 K1bGnU1U/etBPgTTh17cj1Klhwl7OMviFzaWRQ97bPp1yYFiryATPz1hRYvJVXm2 06IE8+BNhJT6zElOC6s3HhY2kl5o7qx56lYqYPcH6EEWmgBHlkdybWlI4jFuNk0 +nBFZT/PXgSDMEykThFoz8WVfS3sUxZGt3K541pyaoNpwQIaAVIhkFE0v0676f6ym K0fXcfY3BPs1RFPv9ZTJ73tPOa2676MyJ20YBmrSqCJyaj1Ni4AJf3gsMY8eDB2y TfQdhRvP653ubRMPrHBZwKFFYgSAkXwZDwEkuEbtXgNUYbsj40E/SpDAC0mM92eG Smim/w05vm/N7Ua4gEZc1BbYoM/upfHHtgCz2Jcrs6SbODMY3HONE98dP4f3tPP7 7MQ2F/3/Wc+Lbo7x1pTMRu11zW52tYUc3JJekU2afXOlCHCKpTO4mQzACJ6KjdTY zhHoJLwVIuR//Tt46FVSJ8A4FIJH1/liP+DDNvfPJpdTjOaD5jJi9EO/YCjwWQqL AynBYnCxHeFUoWPo2isF7UlKERc= =2MI6 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 17

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2017-08-10 21:25:48
  • Multiple Updates
2017-08-07 12:03:40
  • Multiple Updates
2017-08-02 21:22:42
  • First insertion