CVE-2014-3369

Published: Oct 19, 2014Modified: May 6, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252.

Affected (2)

Products: Cisco: Expressway Software, Telepresence Video Communication Server Software

Cisco

2 products

Expressway Software

Telepresence Video Communication Server Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Expressway Software	Up to x8.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Telepresence Video Communication Server Software	Up to x8.1

Related CWEs

CWE-399

References (8)

http://secunia.com/advisories/60850

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=35828

Source: psirt@cisco.com

http://www.securitytracker.com/id/1031055

Source: psirt@cisco.com

http://secunia.com/advisories/60850

Source: af854a3a-2127-422b-91ae-364da2661108

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=35828

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1031055

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.