CVE-2014-2175

CWE-20Improper Input ValidationCWE-119Buffer OverflowCWE-264CWE-399CWE-78OS Command Injection4 documents4 sources
Severity
7.8HIGH
EPSS
0.4%
top 37.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Telepresence TC SoftwareCisco Telepresence TE Software
Timeline
PublishedMay 2
Latest updateMay 17

Description

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDcisco/telepresence_tc_software21 versions+20

🔴Vulnerability Details

2
GHSA
GHSA-ggw8-p79m-hxcv: Cisco TelePresence TC Software 42022-05-17
CVEList
CVE-2014-2175: Cisco TelePresence TC Software 42014-05-02

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco TelePresence TC and TE Software2014-04-30