CVE-2015-6313

moderate-risk
Published 2016-04-06

Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565.

Do I need to act?

-
0.33% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (3)

Opensolaris
Keymouse Firmware

Affected Vendors

Zzinc Zyxel Sun

References (4)

Vendor Advisory http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20...
http://www.securitytracker.com/id/1035501
Vendor Advisory http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20...
http://www.securitytracker.com/id/1035501
36
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 9/34 · Low