Lucene search

CiscoCISCO-SA-20140122-VCS

HistoryJan 22, 2014 - 4:00 p.m.

Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability

2014-01-2216:00:00

tools.cisco.com

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.0%

JSON

Cisco
TelePresence Video Communication Server (VCS) contains a vulnerability that could allow an
unauthenticated, remote attacker to trigger the failure of several critical processes which may cause active call to be dropped and prevent users from making new calls until the affected system is reloaded.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs”]

Affected configurations

Vulners

Node

ciscotelepresence_video_communication_serverMatchany

CPENameOperatorVersion
cisco telepresence video communication server (vcs)eqany
cisco telepresence video communication server (vcs)eqany

CPE	Name	Operator	Version
	cisco telepresence video communication server (vcs)	eq	any
	cisco telepresence video communication server (vcs)	eq	any

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CISCO-SA-20140122-VCS