CVE-2015-6312

EPSS 0.61%
Veröffentlicht 06.04.2016 23:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dell ≫ Emc Powerscale Onefs Version8.2.2

   Cisco ≫ Telepresence Server 7010 Version-
   Cisco ≫ Telepresence Server Mse 8710 Version-
   Cisco ≫ Telepresence Server On Multiparty Media 310 Version-
   Cisco ≫ Telepresence Server On Multiparty Media 320 Version-
   Cisco ≫ Telepresence Server On Virtual Machine Version-

Netgear ≫ Jr6150 Firmware Version < 2017-01-06

Zyxel ≫ Gs1900-10hp Firmware Version < 2.50\(aazi.0\)c0

Zzinc ≫ Keymouse Firmware Version3.08 SwPlatformwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.61%	0.686

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2

Vendor Advisory

http://www.securitytracker.com/id/1035500

https://nvd.nist.gov/vuln/detail/CVE-2015-6312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-6312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-6312

EUVD