Cisco TelePresence Server Denial of Service Vulnerability (CVE-2015-6312)
Cisco TelePresence Server Denial of Service Vulnerability (CVE-2015-6312)
Release date:
Updated on:
Affected Systems:
Cisco TelePresence service 3.1
Description:
CVE (CAN) ID: CVE-2015-6312
Cisco TelePresence is a Cisco TelePresence solution.
Cisco TelePresence Server 3.1 does not properly handle malformed STUN packets, which can cause unauthenticated remote attackers to overload affected devices.
<* Source: Cisco
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20160406-cts2) and patches for this:
Cisco-sa-20160406-cts2: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2
This article permanently updates the link address: