Condorlab

Cisco – Vulnerability in Cisco TelePresence Endpoint allow a remote DoS.


Advisory IDRSN-SIP-1561


Vulnerability Information

 

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence end point to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software.


Release Date

 

2017-06-08 00:00:00

 

SIP (Session Initiation Protocol) is a protocol used for the initiation, modification and termination of voice and video calls through IP networks. This protocol is implemented in multiple Cisco systems products such as routers, switches and Firewalls.


Technical Information

 

The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition.The vendor has assigned bug ID CSCux94002 to this vulnerability.


Solutions

 

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VOIP networks, endpoints and applications. His research team Condor-Labs.com is constantly looking for new attack patterns, advanced penetration testing methods, vulnerability identification and deployment of new signatures for constantly subscribed clients. For more information visit www.redshiftnetworks.com


External Resources

 

Cisco Security Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele

Common Vulnerabilities and Exposures (CVE)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6648