cvelistv5 - cve-2015-6284

cve-2015-6284

Vulnerability from cvelistv5

Published

2015-09-20 14:00

Modified

2024-08-06 07:15

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps	Vendor Advisory
ykramarz@cisco.com	http://www.securitytracker.com/id/1033580	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033580	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:15:13.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1033580",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033580"
          },
          {
            "name": "20150916 Cisco TelePresence Server Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-20T16:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1033580",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033580"
        },
        {
          "name": "20150916 Cisco TelePresence Server Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6284",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1033580",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033580"
            },
            {
              "name": "20150916 Cisco TelePresence Server Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-6284",
    "datePublished": "2015-09-20T14:00:00",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:15:13.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-6284\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2015-09-20T14:59:02.367\",\"lastModified\":\"2024-11-21T02:34:42.013\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer en la implementaci\u00f3n de la API del Conference Control Protocol en el software de Cisco TelePresence Server en versiones anteriores a 4.1(2.33) en 7010, MSE 8710, Multiparty Media 310 y 320 y dispositivos Virtual Machine, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del dispositivo) a trav\u00e9s de una URL manipulada, tambi\u00e9n conocida como Bug ID CSCuu28277.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:2.3\\\\(1.55\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C8E87AF-FAC5-419F-80DF-02EF48485990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:2.3\\\\(1.57\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5488C8-1B72-41D5-B346-1C27B529BAC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.0\\\\(2.24\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE67D1A0-522A-4FEB-A59E-27D8E8FA3196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.0\\\\(2.46\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4A68418-34B5-4ACE-8F5C-B0609E8A76B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.0\\\\(2.48\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34CF67C-94F7-4252-99CA-468AC3E6F735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.0\\\\(2.49\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"288C4183-2BB1-4BEE-B99D-419D6948087E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.80\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBDD6C7C-F04F-4637-A582-A2A3C7FDB124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.82\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D520D173-93B8-4991-A632-C8EBE880F4EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.95\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C63DDA-0E39-4F7D-86ED-50166D13A575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.96\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"928F0A7E-A758-4030-802B-66761FF7EA1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.97\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53B053D6-71BF-46D7-97A7-54946FFA690A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:3.1\\\\(1.98\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D515279-816E-43A1-8A8F-364F5DE5B919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:4.0\\\\(1.57\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71B3BA0E-F4D1-484D-987D-F96DD3DECDB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:4.0\\\\(2.8\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A70BA8-B132-4EAC-A9C5-706B5BE7D837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_server_software:4.1\\\\(1.79\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"409C5B7B-4A9B-40CE-97CA-4899FB075CC5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:telepresence_server_7010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"983E3CC5-7B3A-467A-A482-0D19792CB55E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:telepresence_server_mse_8710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"411829A8-56C6-4851-8063-97F03C7B66B2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_310:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51463F95-8A40-47CC-A0FD-B8F0ED16C39F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7792A73D-C38F-44E6-A660-6CDB0955EC69\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:telepresence_server_on_virtual_machine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18C16ABE-9BA2-4852-9B12-70BA6A1D50C2\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1033580\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1033580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

ghsa-jcf7-3f5g-p5qv

Vulnerability from github

Published

2022-05-17 03:13

Modified

2022-05-17 03:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-09-20T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.",
  "id": "GHSA-jcf7-3f5g-p5qv",
  "modified": "2022-05-17T03:13:41Z",
  "published": "2022-05-17T03:13:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6284"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1033580"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277. Vendors report this vulnerability Bug ID CSCuu28277 Published as.Expertly crafted by a third party URL Via denial of service ( Device crash ) May be in a state. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuu28277. The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect. The vulnerability is caused by the program not properly filtering user input

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201509-0009",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1.80\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.3\\(1.57\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1.82\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0\\(1.57\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(1.79\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.0\\(2.24\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.3\\(1.55\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0\\(2.8\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1.96\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.1\\(1.95\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.0\\(2.49\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.0\\(2.46\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.1\\(1.97\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.1\\(1.98\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.0\\(2.48\\)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.3 (1.55)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.3 (1.57)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.3 (1.58)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.0 (2.24)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.0 (2.46)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.0 (2.48)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.0 (2.49)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.80)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.82)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.95)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.96)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.97)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.1 (1.98)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0 (1.57)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0 (2.8)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1 (1.79)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1(1.79)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0(2.8)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0(1.57)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.98)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.97)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.96)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.95)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.82)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(1.80)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0(2.49)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0(2.48)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0(2.46)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0(2.24)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3(1.58)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3(1.57)"
      },
      {
        "model": "telepresence server software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3(1.55)"
      },
      {
        "model": "telepresence server on virtual machine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3200"
      },
      {
        "model": "telepresence server on multiparty media",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3100"
      },
      {
        "model": "telepresence server mse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "87100"
      },
      {
        "model": "telepresence server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "70100"
      },
      {
        "model": "telepresence server software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1(2.33)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:telepresence_server_software",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2015-6284",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-6284",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-84245",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-6284",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6284",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201509-247",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84245",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277. Vendors report this vulnerability Bug ID CSCuu28277 Published as.Expertly crafted by a third party URL Via denial of service ( Device crash ) May be in a state. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuu28277. The solution provides components such as audio and video spaces, which can provide remote participants with a \"face-to-face\" virtual meeting room effect. The vulnerability is caused by the program not properly filtering user input",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6284",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1033580",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "76758",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-84245",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "id": "VAR-201509-0009",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:59:31.569000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20150916-tps",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
      },
      {
        "title": "40749",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40749"
      },
      {
        "title": "cisco-sa-20150916-tps",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/JP/113/1135/1135306_cisco-sa-20150916-tps-j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150916-tps"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1033580"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6284"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6284"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/76758"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/c/en/us/products/conferencing/telepresence-server/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40749"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "db": "BID",
        "id": "76758"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "date": "2015-09-16T00:00:00",
        "db": "BID",
        "id": "76758"
      },
      {
        "date": "2015-09-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "date": "2015-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "date": "2015-09-20T14:59:02.367000",
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84245"
      },
      {
        "date": "2015-09-16T00:00:00",
        "db": "BID",
        "id": "76758"
      },
      {
        "date": "2015-09-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      },
      {
        "date": "2015-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      },
      {
        "date": "2024-11-21T02:34:42.013000",
        "db": "NVD",
        "id": "CVE-2015-6284"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco TelePresence Server Device  Conference Control Protocol API Buffer Overflow Vulnerability in Java Implementation",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004940"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-247"
      }
    ],
    "trust": 0.6
  }
}

gsd-2015-6284

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2015-6284

Aliases

CVE-2015-6284

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6284",
    "description": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.",
    "id": "GSD-2015-6284"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6284"
      ],
      "details": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.",
      "id": "GSD-2015-6284",
      "modified": "2023-12-13T01:20:04.710795Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6284",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1033580",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1033580"
          },
          {
            "name": "20150916 Cisco TelePresence Server Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.98\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.97\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.96\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.95\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.24\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.48\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.80\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(2.8\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.55\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.57\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.46\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.49\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.82\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(1.57\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_server_software:4.1\\(1.79\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:telepresence_server_on_virtual_machine:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:telepresence_server_7010:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:telepresence_server_mse_8710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_310:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6284"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150916 Cisco TelePresence Server Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
            },
            {
              "name": "1033580",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1033580"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-29T13:15Z",
      "publishedDate": "2015-09-20T14:59Z"
    }
  }
}

fkie_cve-2015-6284

Vulnerability from fkie_nvd

Published

2015-09-20 14:59

Modified

2024-11-21 02:34

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1033580	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033580	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	telepresence_server_software	2.3\(1.55\)
cisco	telepresence_server_software	2.3\(1.57\)
cisco	telepresence_server_software	3.0\(2.24\)
cisco	telepresence_server_software	3.0\(2.46\)
cisco	telepresence_server_software	3.0\(2.48\)
cisco	telepresence_server_software	3.0\(2.49\)
cisco	telepresence_server_software	3.1\(1.80\)
cisco	telepresence_server_software	3.1\(1.82\)
cisco	telepresence_server_software	3.1\(1.95\)
cisco	telepresence_server_software	3.1\(1.96\)
cisco	telepresence_server_software	3.1\(1.97\)
cisco	telepresence_server_software	3.1\(1.98\)
cisco	telepresence_server_software	4.0\(1.57\)
cisco	telepresence_server_software	4.0\(2.8\)
cisco	telepresence_server_software	4.1\(1.79\)
cisco	telepresence_server_7010	-
cisco	telepresence_server_mse_8710	-
cisco	telepresence_server_on_multiparty_media_310	-
cisco	telepresence_server_on_multiparty_media_320	-
cisco	telepresence_server_on_virtual_machine	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.55\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8E87AF-FAC5-419F-80DF-02EF48485990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:2.3\\(1.57\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1A5488C8-1B72-41D5-B346-1C27B529BAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.24\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CE67D1A0-522A-4FEB-A59E-27D8E8FA3196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.46\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A4A68418-34B5-4ACE-8F5C-B0609E8A76B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.48\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C34CF67C-94F7-4252-99CA-468AC3E6F735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.0\\(2.49\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "288C4183-2BB1-4BEE-B99D-419D6948087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.80\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDD6C7C-F04F-4637-A582-A2A3C7FDB124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.82\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D520D173-93B8-4991-A632-C8EBE880F4EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.95\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "04C63DDA-0E39-4F7D-86ED-50166D13A575",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.96\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "928F0A7E-A758-4030-802B-66761FF7EA1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.97\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "53B053D6-71BF-46D7-97A7-54946FFA690A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:3.1\\(1.98\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8D515279-816E-43A1-8A8F-364F5DE5B919",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(1.57\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "71B3BA0E-F4D1-484D-987D-F96DD3DECDB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.0\\(2.8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "28A70BA8-B132-4EAC-A9C5-706B5BE7D837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_server_software:4.1\\(1.79\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "409C5B7B-4A9B-40CE-97CA-4899FB075CC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:telepresence_server_7010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "983E3CC5-7B3A-467A-A482-0D19792CB55E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:telepresence_server_mse_8710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "411829A8-56C6-4851-8063-97F03C7B66B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51463F95-8A40-47CC-A0FD-B8F0ED16C39F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:telepresence_server_on_multiparty_media_320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7792A73D-C38F-44E6-A660-6CDB0955EC69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:telepresence_server_on_virtual_machine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18C16ABE-9BA2-4852-9B12-70BA6A1D50C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en la implementaci\u00f3n de la API del Conference Control Protocol en el software de Cisco TelePresence Server en versiones anteriores a 4.1(2.33) en 7010, MSE 8710, Multiparty Media 310 y 320 y dispositivos Virtual Machine, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del dispositivo) a trav\u00e9s de una URL manipulada, tambi\u00e9n conocida como Bug ID CSCuu28277."
    }
  ],
  "id": "CVE-2015-6284",
  "lastModified": "2024-11-21T02:34:42.013",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-09-20T14:59:02.367",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150916-tps"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033580"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2015-6284

Vulnerability from cvelistv5

ghsa-jcf7-3f5g-p5qv

Vulnerability from github

var-201509-0009

Vulnerability from variot

gsd-2015-6284

Vulnerability from gsd

fkie_cve-2015-6284

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature