A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device.

The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets.

A successful exploit could allow an attacker to cause a kernel panic, rebooting the device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts
A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device.

The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets.

A successful exploit could allow an attacker to cause a kernel panic, rebooting the device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts

Security Impact Rating: High

CVE: CVE-2016-1346