Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2015-0725

Published: 16/07/2015 Updated: 22/09/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) prior to 3.3.1 R7 and 4.x prior to 4.0.0 R4 allow remote malicious users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco videoscape distribution suite service broker 1.0_base

cisco videoscape distribution suite service broker 1.1_base

cisco videoscape distribution suite service broker 1.0.1

cisco videoscape distribution suite for internet streaming 3.3.0

cisco videoscape distribution suite for internet streaming 3.3.1

cisco videoscape distribution suite for internet streaming 2.5\\(1\\)

cisco videoscape distribution suite for internet streaming 2.5\\(3\\)

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b35

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b39

cisco videoscape distribution suite for internet streaming 3.1.2_b26

cisco videoscape distribution suite for internet streaming 3.1.2_b34

cisco videoscape distribution suite for internet streaming 3.1.2_b54

cisco videoscape distribution suite for internet streaming 4.0.0

cisco videoscape distribution suite for internet streaming 3.2.0

cisco videoscape distribution suite for internet streaming 2.2\\(1\\)

cisco videoscape distribution suite for internet streaming 2.4\\(1\\)

cisco videoscape distribution suite for internet streaming 2.5\\(11\\)

cisco videoscape distribution suite for internet streaming 2.6\\(1\\)

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b50

cisco videoscape distribution suite for internet streaming 3.0.0

cisco videoscape distribution suite for internet streaming 3.2.1_b9

cisco videoscape distribution suite for internet streaming 3.2.1_b15

cisco videoscape distribution suite for internet streaming 3.2.1

cisco videoscape distribution suite for internet streaming 2.4\\(3\\)

cisco videoscape distribution suite for internet streaming 2.4\\(5\\)

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b26

cisco videoscape distribution suite for internet streaming 3.1.2

cisco videoscape distribution suite for internet streaming 3.1.2_b17

cisco videoscape distribution suite for internet streaming 3.2.1_b20

cisco videoscape distribution suite for internet streaming 1.0.0

cisco videoscape distribution suite for internet streaming 2.0\\(1\\)

cisco videoscape distribution suite for internet streaming 2.0\\(3\\)

cisco videoscape distribution suite for internet streaming 2.5\\(7\\)

cisco videoscape distribution suite for internet streaming 2.5\\(9\\)

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b45

cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b47

cisco videoscape distribution suite for internet streaming 3.1.2_b60

cisco videoscape distribution suite for internet streaming 3.2.0_b26

Recent Articles

Cisco Videoscape bug could bring endless repeats to your tellie
The Register • Richard Chirgwin • 16 Jul 2015

Cloudy PVR has denial of service problem, but the fix is in

Cisco is asking Web broadcasters using its Videoscape TV-over-IP streaming product to get patching, after a denial-of-service vulnerability was found in the software. The system, kicked off in 2011 and rolled into a bigger “Evolved Services Platform” in 2014, is a cloudy PVR with transcoder and video optimisation. The Borg's advisory says an input validation bug (CVE-2015-0725) in the Videoscape Distribution Suite's HTTP processing module lets attackers force reloads over HTTP. “Successful...

Read more...

References

CWE-20http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vdshttp://www.securitytracker.com/id/1032936https://nvd.nist.govhttps://www.theregister.co.uk/2015/07/16/cisco_videoscape_brings_dos_to_the_tv_experience/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572CVE-2024-24919CVE-2024-0230CVE-2024-32714HTML injectionlocal file inclusionCVE-2024-31098CVE-2024-31244privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook