Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) prior to 3.3.1 R7 and 4.x prior to 4.0.0 R4 allow remote malicious users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.
Vulnerable Product
Search on Vulmon
Subscribe to Product
cisco videoscape distribution suite service broker 1.0_base
cisco videoscape distribution suite service broker 1.1_base
cisco videoscape distribution suite service broker 1.0.1
cisco videoscape distribution suite for internet streaming 3.3.0
cisco videoscape distribution suite for internet streaming 3.3.1
cisco videoscape distribution suite for internet streaming 2.5\\(1\\)
cisco videoscape distribution suite for internet streaming 2.5\\(3\\)
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b35
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b39
cisco videoscape distribution suite for internet streaming 3.1.2_b26
cisco videoscape distribution suite for internet streaming 3.1.2_b34
cisco videoscape distribution suite for internet streaming 3.1.2_b54
cisco videoscape distribution suite for internet streaming 4.0.0
cisco videoscape distribution suite for internet streaming 3.2.0
cisco videoscape distribution suite for internet streaming 2.2\\(1\\)
cisco videoscape distribution suite for internet streaming 2.4\\(1\\)
cisco videoscape distribution suite for internet streaming 2.5\\(11\\)
cisco videoscape distribution suite for internet streaming 2.6\\(1\\)
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b50
cisco videoscape distribution suite for internet streaming 3.0.0
cisco videoscape distribution suite for internet streaming 3.2.1_b9
cisco videoscape distribution suite for internet streaming 3.2.1_b15
cisco videoscape distribution suite for internet streaming 3.2.1
cisco videoscape distribution suite for internet streaming 2.4\\(3\\)
cisco videoscape distribution suite for internet streaming 2.4\\(5\\)
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b26
cisco videoscape distribution suite for internet streaming 3.1.2
cisco videoscape distribution suite for internet streaming 3.1.2_b17
cisco videoscape distribution suite for internet streaming 3.2.1_b20
cisco videoscape distribution suite for internet streaming 1.0.0
cisco videoscape distribution suite for internet streaming 2.0\\(1\\)
cisco videoscape distribution suite for internet streaming 2.0\\(3\\)
cisco videoscape distribution suite for internet streaming 2.5\\(7\\)
cisco videoscape distribution suite for internet streaming 2.5\\(9\\)
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b45
cisco videoscape distribution suite for internet streaming 2.6\\(3\\)_b47
cisco videoscape distribution suite for internet streaming 3.1.2_b60
cisco videoscape distribution suite for internet streaming 3.2.0_b26
Cloudy PVR has denial of service problem, but the fix is in
Cisco is asking Web broadcasters using its Videoscape TV-over-IP streaming product to get patching, after a denial-of-service vulnerability was found in the software. The system, kicked off in 2011 and rolled into a bigger “Evolved Services Platform” in 2014, is a cloudy PVR with transcoder and video optimisation. The Borg's advisory says an input validation bug (CVE-2015-0725) in the Videoscape Distribution Suite's HTTP processing module lets attackers force reloads over HTTP. “Successful...