CVE-2015-0725

EPSS 0.15%
Published 16.07.2015 21:59:00
Last modified 12.04.2025 10:46:40
Source psirt@cisco.com
Teams watchlist Login
Open Login

Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.0.1

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.0_base

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.1_base

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version1.0.0

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.0.0

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2_b17

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2_b26

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2_b34

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2_b54

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.1.2_b60

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.0

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.0_b26

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.1

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.1_b9

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.1_b15

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.2.1_b20

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.0

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.0 Updater1

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater1

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater2

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater3

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater4

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater5

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version3.3.1 Updater6

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version4.0.0

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version4.0.0 Updater1

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version4.0.0 Updater2

Cisco ≫ Videoscape Distribution Suite For Internet Streaming Version4.0.0 Updater3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.15%	0.367

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vds

Patch

Vendor Advisory

http://www.securitytracker.com/id/1032936

https://nvd.nist.gov/vuln/detail/CVE-2015-0725

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-0725

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-0725

EUVD