CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
76.3%
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious IPv4 or IPv6 packet to an affected device on TCP port 7400. An exploit could allow the attacker to overread a buffer, resulting in a crash and restart of the XCP Router service. Cisco Bug IDs: CSCvg97663, CSCvi55947.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_video_communication_server | x7.0.1 | cpe:2.3:a:cisco:telepresence_video_communication_server:x7.0.1:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x7.2.4 | cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.4:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.1 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.2.2 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.2:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.5 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.6 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.7 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.8 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.9 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9:*:*:*:*:*:*:* |
cisco | telepresence_video_communication_server | x8.10 | cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
76.3%