CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
51.7%
A vulnerability in system resource management in the Cisco Videoscape Session Resource Manager (VSRM) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition because the device unexpectedly restarts.
The vulnerability occurs because the VSRM is not installed using best practices and in a secure environment where DoS attacks are prevented before reaching the adjacent network. An attacker could exploit this vulnerability only by being on the adjacent network and directing a flood of traffic at the devices upstream to the VSRM. An exploit could allow the attacker to cause a DoS condition. The VSRM resumes normal operation when the attack ceases on the upstream devices.
Cisco has not released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-vsrm[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-vsrm”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | videoscape_session_resource_manager | any | cpe:2.3:a:cisco:videoscape_session_resource_manager:any:*:*:*:*:*:*:* |
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
51.7%