1. Home
  2. CVE Database
  3. CVE-2016-1353
MEDIUM · 5.3

CVE-2016-1353

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is ...

Vulnerability Description

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is in a FIN wait state, which allows remote attackers to cause a denial of service (TCP outage) via vectors involving FIN packets, aka Bug ID CSCuy45136.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
CiscoVideoscape Distribution Suite For Internet Streaming3.3.0

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2016-1353?

CVE-2016-1353 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is ...

How severe is CVE-2016-1353?

CVE-2016-1353 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1353?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Videoscape Distribution Suite For Internet Streaming.