Executive Summary

Summary
Title Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software
Informations
Name cisco-sa-20141015-vcs First vendor Publication 2014-10-15
Vendor Cisco Last vendor Modification 2014-10-15
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software includes the following vulnerabilities:

Cisco TelePresence VCS and Cisco Expressway Crafted Packets Denial of Service Vulnerability Cisco TelePresence VCS and Cisco Expressway SIP IX Filter Denial of Service Vulnerability Cisco TelePresence VCS and Cisco Expressway SIP Denial of Service Vulnerability

Succesfull exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the affected system, which may result in a Denial of Service (DoS) condition.

Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVD6P+4pI1I6i1Mx3AQLo3w//b7W6uaV0LtUS6ij/XXH0YhnSHJqwTJvZ 5DNBjIAuHDBW53An4CU9dAEyjRLQSEgmGS5eLLCQtw2HuPWCTLxaAl+2CTVeKsZs 6afHx9OKYiMGlHQuZiAYupB5xjqhLTXpo0XgHZsgn+PBmhlcg6DE8l6EHEGZEAJJ Em4WQszSN8mKVqgD6r2ZcK7atQ6TFVTOxjxTTF8DeC/il5kC4XuUR/apBu2VqltY HrNnNQ0lEUQSEI/veCpVQqC6QPioFP7Fjg38FCi5bi/AtSTZyLvHRt4gakNNeDMc t6oGHiYexDJnrTyNxZI3YbIZQOTLahHJajt8ZU837VTB/bUI8ULNptTw3TnObPdp OQU/ah/moLNsaD+oyHqQyaO01KdZbZAAXNm11hRulfhXj/1Yjxy0Nft6Bi1v/l6m HlrFTzD9F705A1li3cVkVc5Yv8kiD4TtK/tUTPRg/3lb/Dxkntui5LIglurft3OC uDCnLLBL6vNrhjXz+JNgiRjE4H9CEU8qk6lR9Dhkzgc2OAb/+TcB3RdAtDlNrsIO 9zr8FxhufzUHgTrikUL3Kan23AcDNK1myLVyUY/3wfW4grdmLECFr3PNccohIMTC d0BkAacqacMiyBkD6AZibAiBYYomCNnAsRTKZedeHZTgch+YVXJrl9f6NRpGFW1W V7PLGyasDgU= =21uO END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 7

Nessus® Vulnerability Scanner

Date Description
2014-10-22 Name : The remote device is affected by flaws that can allow a denial of service via...
File : cisco_telepresence_vcs_sa_20141015.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-10-23 13:24:50
  • Multiple Updates
2014-10-22 09:29:14
  • Multiple Updates
2014-10-15 21:22:14
  • First insertion