CVE-2014-2166 - OpenCVE

The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Telepresence Tc Software Telepresence Te Software

Configuration 1 [-]

OR	cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:::::::*
	cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:cisco:telepresence_te_software:4.1.0:::::::*
	cpe:2.3:a:cisco:telepresence_te_software:4.1.1:::::::*
	cpe:2.3:a:cisco:telepresence_te_software:4.1.2:::::::*
	cpe:2.3:a:cisco:telepresence_te_software:4.1.3:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2014-05-02T10:00:00

Updated: 2024-08-06T10:05:59.641Z

Reserved: 2014-02-25T00:00:00

Link: CVE-2014-2166

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-05-02T10:55:08.240

Modified: 2014-05-02T17:41:32.207

Link: CVE-2014-2166

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-05-02T04:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2014-2166", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:05:59.641Z"}, "title": "CVE Program Container", "references": [{"name": "20140430 Multiple Vulnerabilities in Cisco TelePresence TC and TE Software", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2014-2166", "datePublished": "2014-05-02T10:00:00", "dateReserved": "2014-02-25T00:00:00", "dateUpdated": "2024-08-06T10:05:59.641Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "66DB9D21-0443-4F03-B4A0-D9E06E9FCDAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "466B6D18-5F09-44AB-8CE4-12B8392112A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5F74429A-6C70-48A4-B0D1-3D759E13A389", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "052FEBF8-B775-4D8E-B958-A6A17E4DFA23", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9747F834-034D-438B-8BE5-5B2BDD8FFA52", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6FF142C-42C7-4BD0-9C30-C3B044F6BA3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "72362874-2BF7-48D4-9C3E-1DC151AA118B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2974B301-5F64-453C-A2A6-E231A998F9E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EEE3BCD5-7472-45A2-8F62-834A90941EC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_tc_software:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2FB81C8F-46C1-4A87-B5B5-E63AE9654399", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E0E087F5-72E1-4F05-8BDF-F57DEA460CF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A98835A-1E5E-4123-B878-6B0D268A87D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D50A653F-768A-4981-9FEC-AC31395BA7FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:telepresence_te_software:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F9E5412D-27CB-4755-BF7F-0DAC3BEC5575", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562."}, {"lang": "es", "value": "La implementaci\u00f3n SIP en Cisco TelePresence TC Software 4.x y TE Software 4.x permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de paquetes SIP manipulados, tambi\u00e9n conocido como Bug ID CSCto70562."}], "id": "CVE-2014-2166", "lastModified": "2014-05-02T17:41:32.207", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-05-02T10:55:08.240", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}