CVE-2016-1353

Published: Mar 1, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is in a FIN wait state, which allows remote attackers to cause a denial of service (TCP outage) via vectors involving FIN packets, aka Bug ID CSCuy45136.

Affected (4)

Products: Cisco: Videoscape Distribution Suite For Internet Streaming

Cisco

1 product

Videoscape Distribution Suite For Internet Streaming

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Cisco Videoscape Distribution Suite For Internet Streaming	Version 3.3.0
Cisco Videoscape Distribution Suite For Internet Streaming	Version 3.3.1
Cisco Videoscape Distribution Suite For Internet Streaming	Version 4.0.0
Cisco Videoscape Distribution Suite For Internet Streaming	Version 4.1.0

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160226-vds-is

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1035123

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160226-vds-is

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1035123

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.