CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
53.2%
Cisco Tivoli Business Service Manager (TBSM), which is part of Cisco Hosted Collaboration Mediation (HCM), contains a vulnerability that could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS).
An attacker could exploit this vulnerability by sending a flood of TCP packets directed to ports 17310-17542 on Cisco TBSM. A successful attack could cause certain services to hang while the attack lasts.
Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.
To exploit the vulnerability, an attacker would need access to trusted, internal networks to send a series of TCP packets to the targeted system. This access requirement may reduce the likelihood of a successful attack.
Customers are advised to review the bug report in the vendor announcements section for a current list of affected versions.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | hosted_collaboration_solution | any | cpe:2.3:a:cisco:hosted_collaboration_solution:any:*:*:*:*:*:*:* |