Denial of Service Vulnerability in Cisco TelePresence Video Communication Server and Expressway Software
CVE-2014-3369

Currently unrated

Key Information:

Vendor: Cisco
Status: Expressway Software
Vendor: CVE Published:; 19 October 2014

Summary

The SIP IX implementation in Cisco TelePresence Video Communication Server and Expressway Software prior to version X8.1.1 is vulnerable to denial-of-service attacks. Remote adversaries can send specially crafted SDP packets, which may lead to a device reload, effectively disrupting the service. This flaw raises concerns about the stability and reliability of the affected Cisco products in production environments.

References

http://secunia.com/advisories/60850

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id/1031055

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 19, 2014
Vulnerability Reserved
May 7, 2014