Denial of Service Vulnerability in Cisco TelePresence Products
CVE-2015-0652

Currently unrated

Key Information:

Vendor: Cisco
Status: Expressway Software; Telepresence Conductor; Telepresence Video Communication Server Software
Vendor: CVE Published:; 13 March 2015

What is CVE-2015-0652?

The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server and Cisco Expressway prior to version X8.2, as well as Cisco TelePresence Conductor before XC2.4, contains a flaw that allows remote attackers to exploit crafted media descriptions. This exploitation can lead to a denial of service, causing the affected device to mishandle exceptions and ultimately reload. This presents a significant risk to users reliant on video communication systems, as service interruptions can affect business operations and communication reliability.

References

http://www.securitytracker.com/id/1031910

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2015
Vulnerability Reserved
Jan 7, 2015