CVE-2015-0772

CWE-3995 documents5 sources

Severity

7.1HIGH

EPSS

0.4%

top 40.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Telepresence Video Communication Server Software

Timeline

PublishedJun 12

Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/telepresence_video_communicationx8.5

🔴Vulnerability Details

GHSA

GHSA-jxhf-r3w6-4pgq: Cisco TelePresence Video Communication Server (VCS) X8↗2022-05-17

▶

CVEList

CVE-2015-0772: Cisco TelePresence Video Communication Server (VCS) X8↗2015-06-12

▶

💥Exploits & PoCs

Exploit-DB

Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping↗2016-07-03

▶

📋Vendor Advisories

Cisco

Cisco TelePresence Video Communication Server SDP Over SIP Denial of Service Vulnerability↗2015-06-09

▶