Описание
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:cisco:telepresence_server_software:2.3\(1.55\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:2.3\(1.57\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.24\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.46\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.48\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.49\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.80\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.82\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.95\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.96\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.97\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.98\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:4.0\(1.57\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:4.0\(2.8\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_server_software:4.1\(1.79\):*:*:*:*:*:*:*
Одно из
cpe:2.3:h:cisco:telepresence_server_7010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_server_mse_8710:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_310:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_320:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:telepresence_server_on_virtual_machine:-:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00448
Низкий
7.8 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.
EPSS
Процентиль: 63%
0.00448
Низкий
7.8 High
CVSS2
Дефекты
CWE-119