Cisco addresses denial-of-service vulnerability in Videoscape products

News by Adam Greenberg

The updates address a DoS vulnerability in Videoscape Distribution Suite for Internet Streaming and Videoscape Distribution Suite Service Broker.

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Videoscape Distribution Suite Service Broker (VDS-SB).

According to an advisory, the vulnerability – CVE-2015-0725 – can be exploited by a remote, unauthenticated attacker to trigger device instability and cause a reload of the vulnerable device.

“The vulnerability is due to improper input validation,” the advisory said. “An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition.”

Cisco said that it is not aware of any public announcements about the bug, or that the vulnerability is being exploited, and explained that it was identified by the Cisco Technical Assistance Center during the investigation of a customer issue.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Webcasts and interviews 

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop