Sign-up

ID

VAR-201405-0465


CVE

CVE-2014-2175


TITLE

Cisco TelePresence TC Software and TE Service disruption in software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-002375

DESCRIPTION

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849. Vendors have confirmed this vulnerability Bug ID CSCtq78849 It is released as.Skillfully crafted by a third party H.225 Service disruption via packets ( Memory consumption ) There is a possibility of being put into a state. Multiple remote denial-of-service vulnerabilities 2. A buffer-overflow vulnerability 3. A command-injection vulnerability 4. A command-injection vulnerability 5. A heap-based buffer-overflow vulnerability 6. A local buffer-overflow vulnerability 7. A local authentication-bypass vulnerability 8. A remote denial-of-service vulnerability Attackers can exploit these issues to execute arbitrary code in the context of the device, bypass authentication mechanisms, gain unauthorized access, execute arbitrary commands, or cause denial-of-service conditions; other attacks may also be possible. These issues are being tracked by Cisco Bug IDs CSCud29566, CSCua64961, CSCuj94651, CSCtq72699, CSCto70562, CSCua86589, CSCty44804, CSCue60211, CSCue60202, CSCud81796, CSCub67693, CSCub67692, and CSCtq78849. Cisco TelePresence is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco)

Trust: 1.98

sources: NVD: CVE-2014-2175 // JVNDB: JVNDB-2014-002375 // BID: 67170 // VULHUB: VHN-70114

AFFECTED PRODUCTS

vendor:ciscomodel:telepresence te softwarescope:eqversion:6.0

Trust: 2.4

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.3

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.2.3

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.2.2

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.2.4

Trust: 1.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.1

Trust: 1.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.2

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.2.1

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.2.0

Trust: 1.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.1.0

Trust: 1.6

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.1.2

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.0.1

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.6

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.0

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.1.1

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.0.4

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.5

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.2

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.1

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.2

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.7

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.0.0

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.3

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.0

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.1.4

Trust: 1.0

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.0.1

Trust: 1.0

vendor:ciscomodel:telepresencescope: - version: -

Trust: 0.8

vendor:ciscomodel:telepresence tc softwarescope:eqversion:4.x

Trust: 0.8

vendor:ciscomodel:telepresence tc softwarescope:eqversion:5.x

Trust: 0.8

vendor:ciscomodel:telepresence te softwarescope:eqversion:4.x

Trust: 0.8

sources: JVNDB: JVNDB-2014-002375 // CNNVD: CNNVD-201405-037 // NVD: CVE-2014-2175

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2175
value: HIGH

Trust: 1.0

NVD: CVE-2014-2175
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201405-037
value: HIGH

Trust: 0.6

VULHUB: VHN-70114
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-2175
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-70114
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-70114 // JVNDB: JVNDB-2014-002375 // CNNVD: CNNVD-201405-037 // NVD: CVE-2014-2175

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-70114 // JVNDB: JVNDB-2014-002375 // NVD: CVE-2014-2175

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201405-037

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201405-037

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002375

PATCH
title:cisco-sa-20140430-tcteurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte
Trust: 0.8
title:33899url:http://tools.cisco.com/security/center/viewAlert.x?alertId=33899
Trust: 0.8
title:cisco-sa-20140430-tcteurl:http://www.cisco.com/cisco/web/support/JP/112/1122/1122529_cisco-sa-20140430-tcte-j.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-002375

EXTERNAL IDS
db:NVDid:CVE-2014-2175
Trust: 2.8
db:JVNDBid:JVNDB-2014-002375
Trust: 0.8
db:CNNVDid:CNNVD-201405-037
Trust: 0.7
db:CISCOid:20140430 MULTIPLE VULNERABILITIES IN CISCO TELEPRESENCE TC AND TE SOFTWARE
Trust: 0.6
db:BIDid:67170
Trust: 0.3
db:VULHUBid:VHN-70114
Trust: 0.1
sources:
            
            
            VULHUB: VHN-70114 // 
            
            
            
            BID: 67170 // 
            
            
            
            JVNDB: JVNDB-2014-002375 // 
            
            
            
            CNNVD: CNNVD-201405-037 // 
            
            
            
            NVD: CVE-2014-2175

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140430-tcte
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2175
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2175
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-70114 // 
            
            
            
            BID: 67170 // 
            
            
            
            JVNDB: JVNDB-2014-002375 // 
            
            
            
            CNNVD: CNNVD-201405-037 // 
            
            
            
            NVD: CVE-2014-2175

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 67170

SOURCES
db:VULHUBid:VHN-70114
db:BIDid:67170
db:JVNDBid:JVNDB-2014-002375
db:CNNVDid:CNNVD-201405-037
db:NVDid:CVE-2014-2175

LAST UPDATE DATE
2025-04-13T23:05:06.769000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-70114date:2014-05-02T00:00:00
db:BIDid:67170date:2014-05-09T00:42:00
db:JVNDBid:JVNDB-2014-002375date:2014-05-07T00:00:00
db:CNNVDid:CNNVD-201405-037date:2014-05-07T00:00:00
db:NVDid:CVE-2014-2175date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-70114date:2014-05-02T00:00:00
db:BIDid:67170date:2014-04-30T00:00:00
db:JVNDBid:JVNDB-2014-002375date:2014-05-07T00:00:00
db:CNNVDid:CNNVD-201405-037date:2014-05-07T00:00:00
db:NVDid:CVE-2014-2175date:2014-05-02T10:55:08.430