CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1720

A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to improper handling of the XML input. An attacker could exploit this vulnerability by sending a specifically crafted XML payload. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition until the system is manually rebooted. Software versions prior to X12.5.1 are affected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.4%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 6.8

References

Products affected by CVE-2019-1720

Cisco » Telepresence Video Communication Server » Version: N/A

cpe:2.3:a:cisco:telepresence_video_communication_server:-
Cisco » Telepresence Video Communication Server » Version: 14.0

cpe:2.3:a:cisco:telepresence_video_communication_server:14.0
Cisco » Telepresence Video Communication Server » Version: 14.0.5

cpe:2.3:a:cisco:telepresence_video_communication_server:14.0.5
Cisco » Telepresence Video Communication Server » Version: 14.0.7

cpe:2.3:a:cisco:telepresence_video_communication_server:14.0.7
Cisco » Telepresence Video Communication Server » Version: x.6.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x.6.1
Cisco » Telepresence Video Communication Server » Version: x.7.0.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x.7.0.3
Cisco » Telepresence Video Communication Server » Version: x12.5

cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5
Cisco » Telepresence Video Communication Server » Version: x12.5.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.0
Cisco » Telepresence Video Communication Server » Version: x5.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x5.2
Cisco » Telepresence Video Communication Server » Version: x6.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x6.0
Cisco » Telepresence Video Communication Server » Version: x6.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x6.1
Cisco » Telepresence Video Communication Server » Version: x7.0.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.0.0
Cisco » Telepresence Video Communication Server » Version: x7.0.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.0.1
Cisco » Telepresence Video Communication Server » Version: x7.0.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.0.2
Cisco » Telepresence Video Communication Server » Version: x7.0.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.0.3
Cisco » Telepresence Video Communication Server » Version: x7.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.1
Cisco » Telepresence Video Communication Server » Version: x7.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2
Cisco » Telepresence Video Communication Server » Version: x7.2.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.0
Cisco » Telepresence Video Communication Server » Version: x7.2.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.1
Cisco » Telepresence Video Communication Server » Version: x7.2.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.2
Cisco » Telepresence Video Communication Server » Version: x7.2.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.3
Cisco » Telepresence Video Communication Server » Version: x7.2.4

cpe:2.3:a:cisco:telepresence_video_communication_server:x7.2.4
Cisco » Telepresence Video Communication Server » Version: x8.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1
Cisco » Telepresence Video Communication Server » Version: x8.1.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.1
Cisco » Telepresence Video Communication Server » Version: x8.1.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.2
Cisco » Telepresence Video Communication Server » Version: x8.10

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10
Cisco » Telepresence Video Communication Server » Version: x8.10.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.0
Cisco » Telepresence Video Communication Server » Version: x8.10.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.1
Cisco » Telepresence Video Communication Server » Version: x8.10.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.2
Cisco » Telepresence Video Communication Server » Version: x8.10.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.3
Cisco » Telepresence Video Communication Server » Version: x8.10.4

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.4
Cisco » Telepresence Video Communication Server » Version: x8.11

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11
Cisco » Telepresence Video Communication Server » Version: x8.11.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.0
Cisco » Telepresence Video Communication Server » Version: x8.11.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.1
Cisco » Telepresence Video Communication Server » Version: x8.11.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.2
Cisco » Telepresence Video Communication Server » Version: x8.11.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.3
Cisco » Telepresence Video Communication Server » Version: x8.11.4

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.4
Cisco » Telepresence Video Communication Server » Version: x8.1_base

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1_base
Cisco » Telepresence Video Communication Server » Version: x8.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2
Cisco » Telepresence Video Communication Server » Version: x8.2.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.1
Cisco » Telepresence Video Communication Server » Version: x8.2.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.2
Cisco » Telepresence Video Communication Server » Version: x8.2_base

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2_base
Cisco » Telepresence Video Communication Server » Version: x8.5

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5
Cisco » Telepresence Video Communication Server » Version: x8.5.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.0
Cisco » Telepresence Video Communication Server » Version: x8.5.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.1
Cisco » Telepresence Video Communication Server » Version: x8.5.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.2
Cisco » Telepresence Video Communication Server » Version: x8.5.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.3
Cisco » Telepresence Video Communication Server » Version: x8.6

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6
Cisco » Telepresence Video Communication Server » Version: x8.6.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6.0
Cisco » Telepresence Video Communication Server » Version: x8.6.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6.1
Cisco » Telepresence Video Communication Server » Version: x8.7

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7
Cisco » Telepresence Video Communication Server » Version: x8.7.0

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.0
Cisco » Telepresence Video Communication Server » Version: x8.7.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.1
Cisco » Telepresence Video Communication Server » Version: x8.7.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.2
Cisco » Telepresence Video Communication Server » Version: x8.7.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.3
Cisco » Telepresence Video Communication Server » Version: x8.8

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8
Cisco » Telepresence Video Communication Server » Version: x8.8.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.1
Cisco » Telepresence Video Communication Server » Version: x8.8.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.2
Cisco » Telepresence Video Communication Server » Version: x8.8.3

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.3
Cisco » Telepresence Video Communication Server » Version: x8.9

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9
Cisco » Telepresence Video Communication Server » Version: x8.9.1

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9.1
Cisco » Telepresence Video Communication Server » Version: x8.9.2

cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1720

Products

Pricing

Contact Us