7.8

CVE-2017-6648

EPSS 0.73%
Veröffentlicht 08.06.2017 13:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Telepresence Ce Software Version8.2.2

Cisco ≫ Telepresence Tc Software Version3.1.5

Cisco ≫ Telepresence Tc Software Version3.1_base

Cisco ≫ Telepresence Tc Software Version4.1.0

Cisco ≫ Telepresence Tc Software Version4.1.1

Cisco ≫ Telepresence Tc Software Version4.1.2

Cisco ≫ Telepresence Tc Software Version4.1_base

Cisco ≫ Telepresence Tc Software Version4.2.0

Cisco ≫ Telepresence Tc Software Version4.2.1

Cisco ≫ Telepresence Tc Software Version4.2.2

Cisco ≫ Telepresence Tc Software Version4.2.3

Cisco ≫ Telepresence Tc Software Version4.2.4

Cisco ≫ Telepresence Tc Software Version4.2_base

Cisco ≫ Telepresence Tc Software Version5.0.2

Cisco ≫ Telepresence Tc Software Version5.0.2-cucm

Cisco ≫ Telepresence Tc Software Version5.0_base

Cisco ≫ Telepresence Tc Software Version5.1.3

Cisco ≫ Telepresence Tc Software Version5.1.3-cucm

Cisco ≫ Telepresence Tc Software Version5.1.4

Cisco ≫ Telepresence Tc Software Version5.1.4-cucm

Cisco ≫ Telepresence Tc Software Version5.1.5

Cisco ≫ Telepresence Tc Software Version5.1.5-cucm

Cisco ≫ Telepresence Tc Software Version5.1.6

Cisco ≫ Telepresence Tc Software Version5.1.6-cucm

Cisco ≫ Telepresence Tc Software Version5.1.7

Cisco ≫ Telepresence Tc Software Version5.1.7-cucm

Cisco ≫ Telepresence Tc Software Version5.1.11

Cisco ≫ Telepresence Tc Software Version5.1.13

Cisco ≫ Telepresence Tc Software Version5.1_base

Cisco ≫ Telepresence Tc Software Version6.0.0

Cisco ≫ Telepresence Tc Software Version6.0.0-cucm

Cisco ≫ Telepresence Tc Software Version6.0.1

Cisco ≫ Telepresence Tc Software Version6.0.1-cucm

Cisco ≫ Telepresence Tc Software Version6.0.2

Cisco ≫ Telepresence Tc Software Version6.0.3

Cisco ≫ Telepresence Tc Software Version6.0.4

Cisco ≫ Telepresence Tc Software Version6.0_base

Cisco ≫ Telepresence Tc Software Version6.1.0

Cisco ≫ Telepresence Tc Software Version6.1.0-cucm

Cisco ≫ Telepresence Tc Software Version6.1.1

Cisco ≫ Telepresence Tc Software Version6.1.1-cucm

Cisco ≫ Telepresence Tc Software Version6.1.2

Cisco ≫ Telepresence Tc Software Version6.1.2-cucm

Cisco ≫ Telepresence Tc Software Version6.1.3

Cisco ≫ Telepresence Tc Software Version6.1.4

Cisco ≫ Telepresence Tc Software Version6.1_base

Cisco ≫ Telepresence Tc Software Version6.3.0

Cisco ≫ Telepresence Tc Software Version6.3.1

Cisco ≫ Telepresence Tc Software Version6.3.2

Cisco ≫ Telepresence Tc Software Version6.3.3

Cisco ≫ Telepresence Tc Software Version6.3.4

Cisco ≫ Telepresence Tc Software Version6.3.5

Cisco ≫ Telepresence Tc Software Version7.1.0

Cisco ≫ Telepresence Tc Software Version7.1.1

Cisco ≫ Telepresence Tc Software Version7.1.2

Cisco ≫ Telepresence Tc Software Version7.1.3

Cisco ≫ Telepresence Tc Software Version7.1.4

Cisco ≫ Telepresence Tc Software Version7.2.0

Cisco ≫ Telepresence Tc Software Version7.2.1

Cisco ≫ Telepresence Tc Software Version7.3.0

Cisco ≫ Telepresence Tc Software Version7.3.1

Cisco ≫ Telepresence Tc Software Version7.3.2

Cisco ≫ Telepresence Tc Software Version7.3.3

Cisco ≫ Telepresence Tc Software Version7.3.6

Cisco ≫ Telepresence Tc Software Version7.3.7

Cisco ≫ Telepresence Tc Software Version8.2.0

Cisco ≫ Telepresence Tc Software Version8.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.73%	0.704

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://www.securityfocus.com/bid/98934

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1038624

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-6648

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-6648

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-6648

EUVD