ID
VAR-201505-0188
CVE
CVE-2015-0744
TITLE
Cisco DTA Control System and Cisco Headend System Release Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. Cisco DTACS and Cisco Headend System Release are a front-end broadband digital transmission system. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. The vulnerability is caused by the program not restricting the traffic of TCP port
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | headend system release | scope: | eq | version: | 2.5 | Trust: 3.0 |
| vendor: | cisco | model: | headend system release | scope: | eq | version: | 2.7 | Trust: 3.0 |
| vendor: | cisco | model: | headend system release | scope: | eq | version: | 3.2 | Trust: 3.0 |
| vendor: | cisco | model: | headend system release | scope: | eq | version: | 3.5 | Trust: 3.0 |
| vendor: | cisco | model: | dta control system | scope: | eq | version: | 4.0.0.9 | Trust: 3.0 |
| vendor: | cisco | model: | headend system release | scope: | eq | version: | 3.7 | Trust: 2.4 |
| vendor: | cisco | model: | headend system release | scope: | eq | version: | i4.3 | Trust: 2.4 |
| vendor: | cisco | model: | headend digital broadband delivery system | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | headend digital broadband delivery system | scope: | - | version: | - | Trust: 1.4 |
| vendor: | cisco | model: | headend system release 3.7.i4.3 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | headend system release i4.3 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | headend system releases | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | dta control system dtacs-4.0.0.9 | scope: | - | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | 38943 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=38943 | Trust: 0.8 |
| title: | Patch for Cisco DTA Control System and Cisco Headend System Release Denial of Service Vulnerabilities | url: | https://www.cnvd.org.cn/patchInfo/show/59270 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0744 | Trust: 3.4 |
| db: | BID | id: | 74916 | Trust: 2.0 |
| db: | SECTRACK | id: | 1032445 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2015-002869 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201505-596 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-03564 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-78690 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=38943 | Trust: 2.3 |
| url: | http://www.securityfocus.com/bid/74916 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id/1032445 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0744 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0744 | Trust: 0.8 |
| url: | http://www.cisco.com | Trust: 0.3 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=38943 | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2015-03564 |
| db: | VULHUB | id: | VHN-78690 |
| db: | BID | id: | 74916 |
| db: | JVNDB | id: | JVNDB-2015-002869 |
| db: | CNNVD | id: | CNNVD-201505-596 |
| db: | NVD | id: | CVE-2015-0744 |
LAST UPDATE DATE
2025-04-13T23:09:54.464000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-03564 | date: | 2015-06-04T00:00:00 |
| db: | VULHUB | id: | VHN-78690 | date: | 2017-01-04T00:00:00 |
| db: | BID | id: | 74916 | date: | 2017-09-07T13:13:00 |
| db: | JVNDB | id: | JVNDB-2015-002869 | date: | 2015-06-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-596 | date: | 2015-06-05T00:00:00 |
| db: | NVD | id: | CVE-2015-0744 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-03564 | date: | 2015-06-04T00:00:00 |
| db: | VULHUB | id: | VHN-78690 | date: | 2015-05-30T00:00:00 |
| db: | BID | id: | 74916 | date: | 2015-05-29T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002869 | date: | 2015-06-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201505-596 | date: | 2015-05-30T00:00:00 |
| db: | NVD | id: | CVE-2015-0744 | date: | 2015-05-30T14:59:02.723 |