Details of VAR-201505-0169

ID

VAR-201505-0169

CVE

CVE-2015-0722

TITLE

plural TelePresence Service disruption in product network drivers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-002796

DESCRIPTION

The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952. An attacker can exploit this issue to restart and reload the device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuj68952. Cisco TelePresence is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). TC and so on are the terminal software

Trust: 2.07

sources: NVD: CVE-2015-0722 // JVNDB: JVNDB-2015-002796 // BID: 74636 // VULHUB: VHN-78668 // VULMON: CVE-2015-0722

AFFECTED PRODUCTS

vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	3.1_base	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.3	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.3.4	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.4	Trust: 1.6
vendor:	cisco	model:	telepresence te software	scope:	eq	version:	6.0.1	Trust: 1.6
vendor:	cisco	model:	telepresence te software	scope:	eq	version:	6.0.0	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.0	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.2	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.3	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2_base	Trust: 1.6
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.4-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.3.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	3.1.5	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.1.4	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.0_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.6-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.3.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.1.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.3.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.1.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.0.2-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.1.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.3.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.1_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.0.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.0-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.7	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.2-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2.3	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.1.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.2.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.2.4	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.1-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.4	Trust: 1.0
vendor:	cisco	model:	telepresence te software	scope:	eq	version:	6.0.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	4.1.2	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.1-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.6	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.7-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.1.3	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.5-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.5	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.2.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	7.1.1	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.3-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	5.1.3	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.3.3	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	eq	version:	6.0.0-cucm	Trust: 1.0
vendor:	cisco	model:	telepresence te software	scope:	eq	version:	6.0_base	Trust: 1.0
vendor:	cisco	model:	telepresence tc software	scope:	lt	version:	7.3.2	Trust: 0.8
vendor:	cisco	model:	telepresence te software	scope:	lt	version:	7.3.2	Trust: 0.8

sources: JVNDB: JVNDB-2015-002796 // CNNVD: CNNVD-201505-241 // NVD: CVE-2015-0722

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0722
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-0722
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201505-241
value:	HIGH
Trust: 0.6
VULHUB:	VHN-78668
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-0722
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-0722
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-78668
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-78668 // VULMON: CVE-2015-0722 // JVNDB: JVNDB-2015-002796 // CNNVD: CNNVD-201505-241 // NVD: CVE-2015-0722

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-78668 // JVNDB: JVNDB-2015-002796 // NVD: CVE-2015-0722

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201505-241

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201505-241

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-002796

PATCH

title:	cisco-sa-20150513-tc	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tc	Trust: 0.8
title:	38718	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=38718	Trust: 0.8
title:	cisco-sa-20150513-tc	url:	http://www.cisco.com/cisco/web/support/JP/112/1129/1129379_cisco-sa-20150513-tc-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2015-002796

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0722	Trust: 2.9
db:	JVNDB	id:	JVNDB-2015-002796	Trust: 0.8
db:	SECUNIA	id:	64495	Trust: 0.6
db:	CNNVD	id:	CNNVD-201505-241	Trust: 0.6
db:	BID	id:	74636	Trust: 0.5
db:	VULHUB	id:	VHN-78668	Trust: 0.1
db:	VULMON	id:	CVE-2015-0722	Trust: 0.1

sources: VULHUB: VHN-78668 // VULMON: CVE-2015-0722 // BID: 74636 // JVNDB: JVNDB-2015-002796 // CNNVD: CNNVD-201505-241 // NVD: CVE-2015-0722

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150513-tc	Trust: 2.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0722	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0722	Trust: 0.8
url:	http://secunia.com/advisories/64495	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=38718	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/74636	Trust: 0.1

sources: VULHUB: VHN-78668 // VULMON: CVE-2015-0722 // BID: 74636 // JVNDB: JVNDB-2015-002796 // CNNVD: CNNVD-201505-241 // NVD: CVE-2015-0722

CREDITS

Cisco

Trust: 0.3

sources: BID: 74636

SOURCES

db:	VULHUB	id:	VHN-78668
db:	VULMON	id:	CVE-2015-0722
db:	BID	id:	74636
db:	JVNDB	id:	JVNDB-2015-002796
db:	CNNVD	id:	CNNVD-201505-241
db:	NVD	id:	CVE-2015-0722

LAST UPDATE DATE

2025-04-13T23:18:09.670000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-78668	date:	2015-05-26T00:00:00
db:	VULMON	id:	CVE-2015-0722	date:	2015-05-26T00:00:00
db:	BID	id:	74636	date:	2015-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2015-002796	date:	2015-05-27T00:00:00
db:	CNNVD	id:	CNNVD-201505-241	date:	2015-05-25T00:00:00
db:	NVD	id:	CVE-2015-0722	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-78668	date:	2015-05-25T00:00:00
db:	VULMON	id:	CVE-2015-0722	date:	2015-05-25T00:00:00
db:	BID	id:	74636	date:	2015-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2015-002796	date:	2015-05-27T00:00:00
db:	CNNVD	id:	CNNVD-201505-241	date:	2015-05-15T00:00:00
db:	NVD	id:	CVE-2015-0722	date:	2015-05-25T00:59:02.637