Cisco TelePresence TC/TE software Denial of Service Vulnerability (CVE-2015-0722)
Cisco TelePresence TC/TE software Denial of Service Vulnerability (CVE-2015-0722)
Release date:
Updated on:
Affected Systems:
Cisco TelePresence TC Software <7.3.2
Description:
Bugtraq id: 74636
CVE (CAN) ID: CVE-2015-0722
Cisco TelePresence is a Cisco TelePresence solution that provides ultra-high-definition video images (1080 p) in real size, CD-quality audio, specially designed environments, and interactive components, this provides a "face-to-face" meeting experience for remote participants.
Earlier than Cisco TelePresence T/TC/TE 7.3.2, the network driver has a denial of service vulnerability. Remote attackers use a large number of specially crafted IP packets, this vulnerability can cause DoS (process restart or device overload ).
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20150513-tc) and patches for this:
Cisco-sa-20150513-tc: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc
This article permanently updates the link address: