Vulnerability Description
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence System Software | <= f9.3 |
| Cisco | Tandberg 2000 Mxp | - |
| Cisco | Tandberg 550 Mxp | - |
| Cisco | Tandberg 770 Mxp | - |
| Cisco | Tandberg 880 Mxp | - |
| Cisco | Tandberg 990 Mxp | - |
| Cisco | Telepresence System 1000 Mxp | - |
| Cisco | Telepresence System 1700 Mxp | - |
| Cisco | Telepresence System Codec 3000 Mxp | - |
| Cisco | Telepresence System Codec 6000 Mxp | - |
| Cisco | Telepresence System Edge 75 Mxp | - |
| Cisco | Telepresence System Edge 85 Mxp | - |
| Cisco | Telepresence System Edge 95 Mxp | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
FAQ
What is CVE-2014-2156?
CVE-2014-2156 is a vulnerability with a CVSS score of 7.1 (HIGH). Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739.
How severe is CVE-2014-2156?
CVE-2014-2156 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2156?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence System Software, Cisco Tandberg 2000 Mxp, Cisco Tandberg 550 Mxp, Cisco Tandberg 770 Mxp, Cisco Tandberg 880 Mxp.