Cisco Videoscape Delivery System Denial of Service Vulnerability

2015-07-15T16:00:00
ID CISCO-SA-20150715-VDS
Type cisco
Reporter Cisco
Modified 2015-07-15T15:41:30

Description

A vulnerability in the HTTP processing module of the Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Cisco Videoscape Distribution Suite Service Broker (VDS-SB) could allow an unauthenticated, remote attacker to cause a reload of the affected device.

The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable device. An exploit could allow the attacker to cause a denial of service (DoS) condition.

There is no workaround that mitigates this vulnerability.

Cisco has released software updates that address this vulnerability for Cisco VDS-IS.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vds["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vds"]

A vulnerability in the HTTP processing module of the Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Cisco Videoscape Distribution Suite Service Broker (VDS-SB) could allow an unauthenticated, remote attacker to cause a reload of the affected device.

The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request. An exploit could allow the attacker to cause a denial of service (DoS) condition.