Vulnerability
Advisory ID: cisco-sa-20160406-cts2
Revision 1.0
For Public Release 2016 April 6 16:00 UTC (GMT)
+-----------------------------
Summary
=======
A vulnerability in Cisco TelePresence Server devices running software version 3.1 could
allow an unauthenticated, remote attacker to reload the device.
The vulnerability exists due to a failure to properly process malformed Session
Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability
by submitting malformed STUN packets to the device. If successful, the attacker could
force the device to reload and drop all calls in the process.
Cisco has released software updates that address this vulnerability. Workarounds that
address this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/
cts2
Komentarų nėra:
Rašyti komentarą