CVE-2016-1338

CWE-20 — Improper Input Validation CWE-3995 documents5 sources

Severity

6.5MEDIUM

EPSS

0.6%

top 29.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Telepresence Video Communication Server Software

Timeline

PublishedMar 12

Latest updateMay 17

Description

Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/telepresence_video_communicationx8.5.1, x8.5.2+1

🔴Vulnerability Details

GHSA

GHSA-x86w-wp2q-p8p4: Cisco TelePresence Video Communication Server (VCS) X8↗2022-05-17

▶

CVEList

CVE-2016-1338: Cisco TelePresence Video Communication Server (VCS) X8↗2016-03-12

▶

📋Vendor Advisories

Cisco

Cisco TelePresence Video Communication Server Denial of Service Vulnerability↗2016-03-09

▶