Cisco addresses denial-of-service vulnerability in Videoscape products

News by Adam Greenberg

The updates address a DoS vulnerability in Videoscape Distribution Suite for Internet Streaming and Videoscape Distribution Suite Service Broker.

Cisco has released software updates to address a denial-of-service (DoS) vulnerability in Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Videoscape Distribution Suite Service Broker (VDS-SB).

According to an advisory, the vulnerability – CVE-2015-0725 – can be exploited by a remote, unauthenticated attacker to trigger device instability and cause a reload of the vulnerable device.

“The vulnerability is due to improper input validation,” the advisory said. “An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition.”

Cisco said that it is not aware of any public announcements about the bug, or that the vulnerability is being exploited, and explained that it was identified by the Cisco Technical Assistance Center during the investigation of a customer issue.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events