CVE-2016-1400

CWE-20 — Improper Input Validation CWE-3994 documents4 sources

Severity

7.5HIGH

EPSS

0.7%

top 27.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Telepresence Video Communication Server

Timeline

PublishedMay 25

Latest updateMay 17

Description

Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/telepresence_video_communication_server13 versions+12

🔴Vulnerability Details

GHSA

GHSA-xx88-rwrm-3468: Cisco TelePresence Video Communications Server (VCS) X8↗2022-05-17

▶

CVEList

CVE-2016-1400: Cisco TelePresence Video Communications Server (VCS) X8↗2016-05-25

▶

📋Vendor Advisories

Cisco

Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability↗2016-05-16

▶