7.8 - cisco-sa-20111026-camera

Executive Summary

Summary
Title	Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

Informations
Name	cisco-sa-20111026-camera	First vendor Publication	N/A
Vendor	Cisco	Last vendor Modification	2011-10-26
Severity (Vendor)	N/A	Revision	1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score	7.8	Attack Range	Network
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator.

There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-399	Resource Management Errors

CPE : Common Platform Enumeration

Type	Description	Count
Application	Cisco Video Surveillance Software cpe:2.3:a:cisco:video_surveillance_software:4.2.0:::::::* cpe:2.3:a:cisco:video_surveillance_software:4.0.1:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.3.1:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.3.0:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1.7:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1.6:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1.4:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1.3:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1.2:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.1:::::::* cpe:2.3:a:cisco:video_surveillance_software:2.0.0:::::::* cpe:2.3:a:cisco:video_surveillance_software:1.2.1:::::::* cpe:2.3:a:cisco:video_surveillance_software:1.1.0:::::::*	13
Hardware	Cisco Video Surveillance 2421 cpe:2.3:h:cisco:video_surveillance_2421:-:::::::*	1
Hardware	Cisco Video Surveillance 2500 cpe:2.3:h:cisco:video_surveillance_2500:-:::::::*	1
Hardware	Cisco Video Surveillance 2600 cpe:2.3:h:cisco:video_surveillance_2600:-:::::::*	1

Open Source Vulnerability Database (OSVDB)

Id	Description
76566	Cisco Video Surveillance IP Cameras RTSP TCP Packets Parsing Remote DoS

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	16
osvdb(s)	1

	Related
7.8	CVE-2011-3318
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

7.8 - cisco-sa-20111026-camera

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU