CVE-2014-2156

Published May 2, 2014

Last updated 11 years ago

Overview

Description
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739.
Source
ykramarz@cisco.com
NVD status
Analyzed

Social media

Hype score
Not currently trending

Risk scores

CVSS 2.0

Type
Primary
Base score
7.1
Impact score
6.9
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov
CWE-20

Evaluator

Comment
-
Impact
Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp " Vulnerable Products The following products running a version of Cisco TelePresence System MXP Series Software prior to F9.3.1 are affected by the vulnerabilities described in this advisory: Cisco TelePresence System 1700 MXP Cisco TelePresence System 1000 MXP Cisco TelePresence System Edge 75 MXP Cisco TelePresence System Edge 85 MXP Cisco TelePresence System Edge 95 MXP Cisco TelePresence System Codec 3000 MXP Cisco TelePresence System Codec 6000 MXP Tandberg 550 MXP Tandberg 770 MXP Tandberg 880 MXP Tandberg 990 MXP Tandberg 2000 MXP"
Solution
Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp " Vulnerable Products The following products running a version of Cisco TelePresence System MXP Series Software prior to F9.3.1 are affected by the vulnerabilities described in this advisory: Cisco TelePresence System 1700 MXP Cisco TelePresence System 1000 MXP Cisco TelePresence System Edge 75 MXP Cisco TelePresence System Edge 85 MXP Cisco TelePresence System Edge 95 MXP Cisco TelePresence System Codec 3000 MXP Cisco TelePresence System Codec 6000 MXP Tandberg 550 MXP Tandberg 770 MXP Tandberg 880 MXP Tandberg 990 MXP Tandberg 2000 MXP"

Configurations

References