Skip to main content

Telepresence Video Communication Server CVE-2015-0579

MEDIUM
Resource Management Errors (CWE-399)
2015-01-14 psirt@cisco.com
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jan 14, 2015 - 19:59 cve.org
MEDIUM 5.0

DescriptionCVE.org

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473.

AnalysisAI

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-399. Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473. Affected products include: Cisco Telepresence Video Communication Server.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-1468 HIGH
8.8 Aug 08

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authen

CVE-2017-3790 HIGH
8.6 Feb 01

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Serv

CVE-2019-1845 HIGH
8.6 Jun 05

A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM

CVE-2012-0330 HIGH
7.8 Mar 01

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of s

CVE-2023-20192 HIGH
7.7 Jun 28

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow

CVE-2016-1400 HIGH
7.5 May 25

Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of ser

CVE-2012-0331 HIGH
7.5 Mar 01

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of s

CVE-2020-3596 HIGH
7.5 Oct 08

A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communi

CVE-2018-0409 HIGH
7.5 Aug 15

A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P)

CVE-2018-0358 HIGH
7.5 Jun 21

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could

CVE-2023-20209 HIGH
7.2 Aug 16

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communicat

CVE-2022-20755 HIGH
7.2 Apr 06

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresenc

Share

CVE-2015-0579 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy