Vulnerability Description
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Server Software | 2.3\(1.55\) |
| Cisco | Telepresence Server 7010 | - |
| Cisco | Telepresence Server Mse 8710 | - |
| Cisco | Telepresence Server On Multiparty Media 310 | - |
| Cisco | Telepresence Server On Multiparty Media 320 | - |
| Cisco | Telepresence Server On Virtual Machine | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1033580Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1033580Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-6284?
CVE-2015-6284 is a vulnerability with a CVSS score of 7.8 (HIGH). Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine device...
How severe is CVE-2015-6284?
CVE-2015-6284 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-6284?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Server Software, Cisco Telepresence Server 7010, Cisco Telepresence Server Mse 8710, Cisco Telepresence Server On Multiparty Media 310, Cisco Telepresence Server On Multiparty Media 320.