Vulnerabilities > CVE-2014-3397 - Resource Management Errors vulnerability in Cisco Telepresence MCU Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The network stack in Cisco TelePresence MCU Software before 4.3(2.30) allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets, aka Bug ID CSCtz35468.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO_TELEPRESENCE_MCU_SA_20141015.NASL |
| description | According to the self-reported version, returned by either the SNMP or FTP service running on the remote device, the Cisco TelePresence MCU software is affected by a vulnerability that can allow a remote, unauthenticated attacker to cause a denial of service via memory exhaustion. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 78624 |
| published | 2014-10-22 |
| reporter | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/78624 |
| title | Cisco TelePresence MCU Software Memory Exhaustion |
References
- http://secunia.com/advisories/60855
- http://secunia.com/advisories/60855
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36016
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36016
- http://www.securitytracker.com/id/1031054
- http://www.securitytracker.com/id/1031054