CVE-2015-0652

high

Cisco

CVSS v3 Base Score

7.8

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Score

0.4%

Exploitation probability in 30 days

Top 38% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: March 13, 2015 (4080 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.

CWE

CWE-20

Affected Products

cisco expressway softwarecisco telepresence conductorcisco telepresence video communication server software

References

🔗 tools.cisco.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securitytracker.com

CVE-2015-0652

Vulnerability Report

Description

CWE

Affected Products

References