CVE-2015-0744

2015-05-3014:59:02

CWE-399

[email protected]

web.nvd.nist.gov

cisco

dta control system

headend system

vulnerability

denial of service

cve-2015-0744

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.9%

JSON

Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315.

Affected configurations

NVD

Node

ciscodta_control_systemMatch4.0.0.9

ciscoheadend_digital_broadband_delivery_systemMatch-

ciscoheadend_system_releaseMatch2.5

ciscoheadend_system_releaseMatch2.7

ciscoheadend_system_releaseMatch3.2

ciscoheadend_system_releaseMatch3.5

ciscoheadend_system_releaseMatch3.7

ciscoheadend_system_releaseMatchi4.3

CPENameOperatorVersion
cisco:dta_control_systemcisco dta control systemeq4.0.0.9
cisco:headend_digital_broadband_delivery_systemcisco headend digital broadband delivery systemeq-
cisco:headend_system_releasecisco headend system releaseeq2.5
cisco:headend_system_releasecisco headend system releaseeq2.7
cisco:headend_system_releasecisco headend system releaseeq3.2
cisco:headend_system_releasecisco headend system releaseeq3.5
cisco:headend_system_releasecisco headend system releaseeq3.7
cisco:headend_system_releasecisco headend system releaseeqi4.3

CPE	Name	Operator	Version
cisco:dta_control_system	cisco dta control system	eq	4.0.0.9
cisco:headend_digital_broadband_delivery_system	cisco headend digital broadband delivery system	eq	-
cisco:headend_system_release	cisco headend system release	eq	2.5
cisco:headend_system_release	cisco headend system release	eq	2.7
cisco:headend_system_release	cisco headend system release	eq	3.2
cisco:headend_system_release	cisco headend system release	eq	3.5
cisco:headend_system_release	cisco headend system release	eq	3.7
cisco:headend_system_release	cisco headend system release	eq	i4.3