cisco-sa-20160516-vcs

Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability

cisco-sa-20160516-vcs · Medium · Published 10 years ago · Updated 10 years ago

A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.   The vulnerability is due to a malformed SIP header message. An attacker could exploit this vulnerability by manipulating the SIP URI. An exploit could allow the attacker to cause a disruption of service to the application. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2016-1400
Cisco Bug IDs	CSCuy43258
CVSS Score	Base 5.0 Base 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C
Product Names From Source	Cisco TelePresence Video Communication Server (VCS)

Related Products

Product	CVE	Evidence
Cisco TelePresence Video Communication Server (VCS)	CVE-2016-1400	Cisco OpenVuln
Cisco TelePresence	CVE-2016-1400	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability

Workarounds

Related Products