10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
69.7%
Cisco TelePresence Video Communication Server (VCS), Cisco Expressway and Cisco TelePresence Conductor contain the following vulnerabilities:
SDP Media Description Denial of Service Vulnerability
Authentication Bypass Vulnerability
Successful exploitation of the SDP Media Description Denial of Service Vulnerability may
cause the affected system to reload.
Successful exploitation of the Authentication Bypass Vulnerability may allow an attacker to
bypass authentication and log in to the system with the privileges of an administrator.
Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link: