漏洞类别:General remote services
漏洞等级: 
漏洞信息
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.
The vulnerability is due to a lack of flow-control mechanisms within the software.
漏洞危害
An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition.
解决方案
Cisco advisory cisco-sa-20170607-tele provides a fix. Refer to this advisory for upgrades and further information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论