A vulnerability in the cluster databasenbsp;(CDB) management component of Cisconbsp;Expressway Series Software, Cisconbsp;TelePresence Video Communication Servernbsp;(VCS) Software, and Cisco TelePresence Conductor Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in a temporary denial of servicenbsp;(DoS) condition.
The vulnerability is due to incomplete input validation of URL requests by the REST API of the affected software.
An attacker could exploit this vulnerability by sending a crafted URL to the REST API of the affected software on an affected system.
A successful exploit could allow the attacker to cause the CDB process on the affected system to restart unexpectedly, resulting in a temporary DoS condition.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
Security Impact Rating: Medium