The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2wlXvNd
The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2wlXvNd
Security Impact Rating: Medium
CVE: CVE-2017-6763
from Cisco Security Advisory http://ift.tt/2wlXvNd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.