1. CVE-Search
  2. CVE-2014-3370
ID CVE-2014-3370
Summary Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447.
References
Vulnerable Configurations
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x6.0:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x6.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.1:*:*:*:base:*:*:*
    cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.1:*:*:*:base:*:*:*
  • cpe:2.3:a:cisco:expressway_software:x7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:expressway_software:x7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:expressway_software:x8.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:expressway_software:x8.1:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 08-10-2015 - 15:18)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
refmap via4
cisco 20141015 Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software
confirm http://tools.cisco.com/security/center/viewAlert.x?alertId=35829
sectrack 1031055
secunia 60850
Last major update 08-10-2015 - 15:18
Published 19-10-2014 - 01:55
Last modified 08-10-2015 - 15:18
Back to Top