Lucene search
K

Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability (cisco-sa-20160516-vcs)

🗓️ 17 May 2016 00:00:00Reported by Copyright (C) 2016 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 25 Views

Cisco VCS SIP Packet Processing DoS Vulnerabilit

Related
Refs
Code
ReporterTitlePublishedViews
Family
Cisco
Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability
16 May 201600:00
cisco
CNVD
Cisco TelePresence Video Communication Server Denial of Service Vulnerability (CNVD-2016-03341)
17 May 201600:00
cnvd
CVE
CVE-2016-1400
25 May 201601:00
cve
Cvelist
CVE-2016-1400
25 May 201601:00
cvelist
EUVD
EUVD-2016-2499
7 Oct 202500:30
euvd
NVD
CVE-2016-1400
25 May 201601:59
nvd
OSV
CVE-2016-1400
25 May 201601:59
osv
Prion
Design/Logic Flaw
25 May 201601:59
prion
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:cisco:telepresence_video_communication_server_software";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.105723");
  script_version("2024-02-21T14:36:44+0000");
  script_tag(name:"last_modification", value:"2024-02-21 14:36:44 +0000 (Wed, 21 Feb 2024)");
  script_tag(name:"creation_date", value:"2016-05-17 15:13:01 +0200 (Tue, 17 May 2016)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2016-12-01 03:05:00 +0000 (Thu, 01 Dec 2016)");

  script_cve_id("CVE-2016-1400");

  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability (cisco-sa-20160516-vcs)");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("CISCO");
  script_dependencies("gb_cisco_vcs_consolidation.nasl");
  script_mandatory_keys("cisco/vcs/detected");

  script_tag(name:"summary", value:"A vulnerability in the Session Initiation Protocol (SIP)
  implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated,
  remote attacker to cause a denial of service (DoS) condition.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The vulnerability is due to a malformed SIP header message. An
  attacker could exploit this vulnerability by manipulating the SIP URI.");

  script_tag(name:"impact", value:"An exploit could allow the attacker to cause a disruption of
  service to the application.");

  script_tag(name:"affected", value:"Cisco TelePresence VCS version X8.x prior to X8.7.2.");

  script_tag(name:"solution", value:"Update to version X8.7.2 or higher.");

  script_xref(name:"URL", value:"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if( ! version = get_app_version( cpe:CPE, nofork:TRUE ) )
  exit( 0 );

if( version =~ "^8\." ) {
  if( version_is_less( version:version, test_version:"8.7.2" ) ) {
    report = report_fixed_ver(  installed_version:version, fixed_version:"8.7.2" );
    security_message( port:0, data:report );
    exit( 0 );
  }
}

exit( 99 );

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Feb 2024 00:00Current
7.4High risk
Vulners AI Score7.4
CVSS 25
CVSS 37.5
EPSS0.01765
25