HIGHβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2017-6648

CVSS 7.5v3.0pub. 2017-06-08upd. 2026-05-13

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Cisco Telepresence Ce Software

    APP
    Cisco
    8.2.2
  • Cisco Telepresence Tc Software

    APP
    Cisco
    3.1.53.1_base4.1.04.1.14.1.24.1_base4.2.04.2.14.2.24.2.34.2.44.2_base5.0.25.0.2-cucm5.0_base+ 51 wiΔ™cej
🟒
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2016-1387CRITICAL9.8ten sam produkt

The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collabor...

CVE-2015-0722HIGH7.8ten sam produkt

The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 all...

CVE-2014-2174HIGH8.3ten sam produkt

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control...

CVE-2014-2165HIGH7.8ten sam produkt

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote...

CVE-2014-2163HIGH7.8ten sam produkt

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attacke...

CVE-2017-6648 β€” Cisco β€” Telepresence Ce Software β€” HIGH β€” CVSS 7.5 | CVEbaza.pl