Detections
Analytics
Cisco TelePresence VCS / Expressway < 8.8.2 Received Packet Parser DoS
high Nessus Plugin ID 97326
Language:
Synopsis
A video conferencing application running on the remote host is affected by a denial of service vulnerability.Description
According to its self-reported version, the Cisco TelePresence Video Communication Server (VCS) / Expressway running on the remote host is prior to 8.8.2. It is, therefore, affected by a denial of service vulnerability in the received packet parser due to insufficient size validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via specially crafted H.224 data in Real-Time Transport Protocol (RTP) packets, to cause a buffer overflow in the cache, resulting in crashing the application and a system reload.Solution
Upgrade to Cisco TelePresence VCS / Expressway version 8.8.2 or later.See Also
http://www.nessus.org/u?d2cc3432
Plugin Details
Severity: High
ID: 97326
File Name: cisco_telepresence_vcs_sa_20170125-expressway.nasl
Version: 1.8
Type: remote
Family: CISCO
Published: 2/22/2017
Updated: 4/7/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2017-3790
CVSS v3
Risk Factor: High
Base Score: 8.6
Temporal Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/h:cisco:telepresence_video_communication_server, cpe:/a:cisco:telepresence_video_communication_server, cpe:/a:cisco:telepresence_video_communication_server_software, cpe:/a:cisco:expressway_software
Required KB Items: Cisco/TelePresence_VCS/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 1/25/2017
Vulnerability Publication Date: 1/25/2017
Reference Information
CVE: CVE-2017-3790
BID: 95786
CISCO-SA: cisco-sa-20170125-expressway
CISCO-BUG-ID: CSCus99263