A vulnerability in the HTTP processing module of the Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Cisco Videoscape Distribution Suite Service Broker (VDS-SB) could allow an unauthenticated, remote attacker to cause a reload of the affected device.

The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable device. An exploit could allow the attacker to cause a denial of service (DoS) condition.

There is no workaround that mitigates this vulnerability.

Cisco has released software updates that address this vulnerability for Cisco VDS-IS.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vds

Leave a Reply