Description
Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1035899
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs
Scores
CVSS v3
7.5
EPSS
0.0176
EPSS Percentile
75.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (13)
cisco/telepresence_video_communication_server
x8.1.1
cisco/telepresence_video_communication_server
x8.1.2
cisco/telepresence_video_communication_server
x8.1_base
cisco/telepresence_video_communication_server
x8.2.1
cisco/telepresence_video_communication_server
x8.2.2
cisco/telepresence_video_communication_server
x8.2_base
cisco/telepresence_video_communication_server
x8.5 rc4
cisco/telepresence_video_communication_server
x8.5.0
cisco/telepresence_video_communication_server
x8.5.1
cisco/telepresence_video_communication_server
x8.5.2
... and 3 more
Published
May 25, 2016
Tracked Since
Feb 18, 2026