CVE-2015-0652

The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.

Published: Mar 13, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0652
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / expressway_software	-	x8.1.1.x
cisco / telepresence_conductor	-	xc2.4.x
cisco / telepresence_video_communication_server_software	-	x8.1.1.x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-vcs
http://www.securitytracker.com/id/1031910

Vulnerability Database

289,599

CVE-2015-0652