Vulnerabilities > CVE-2015-0722 - Resource Management Errors vulnerability in Cisco Telepresence TC Software and Telepresence TE Software
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | CISCO |
NASL id | CISCO_TELEPRESENCE_SA_20150513_TC.NASL |
description | The version of Cisco TelePresence TC or TE software running on the remote device is affected by one or more of the following vulnerabilities : - A implementation flaw exists in the authentication and authorization controls for internal services. An unauthenticated attacker, within the broadcast or collision domains, or who has physical access to the device, can exploit this flaw to bypass authentication and obtain root access to the system by connecting to the affected service. (CVE-2014-2174) - A flaw exists due to insufficient implementation of flood controls in the network drivers. A remote, unauthenticated attacker, by rapidly sending crafted IP packets to the device, can exploit this to cause processes to restart, potentially leading to a reload of the affected system and a denial of service. (CVE-2015-0722) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 83731 |
published | 2015-05-20 |
reporter | This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/83731 |
title | Cisco TelePresence TC and TE Software Multiple Vulnerabilities (cisco-sa-20150513-tc) |