Home

CVE-2016-1353

Description

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is in a FIN wait state, which allows remote attackers to cause a denial of service (TCP outage) via vectors involving FIN packets, aka Bug ID CSCuy45136.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.484

Associated Vulnerability

VulnerabilityOS Platform
Cisco Videoscape Distribution Suite for Internet Streaming TCP Session Handling Denial of Service Vulnerability For Cisco Videoscape Distribution Suite for Internet StreamingNCM
CVE-2016-1353NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1705993Security Update for Cisco Videoscape Distribution Suite for Internet Streaming 3.11(6.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234