Vulnerabilities > CVE-2015-0772 - Resource Management Errors vulnerability in Cisco Telepresence Video Communication Server Software X8.5

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

cisco

CWE-399

NVD

Published: 2015-06-12

Updated: 2017-01-04

Summary

Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Telepresence Video Communication Server Software X8.5	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=39240
http://www.securitytracker.com/id/1032540