CVE-2015-6284 (CNNVD-201509-247)
中文标题:
Cisco TelePresence Server Software 缓冲区溢出漏洞
英文标题:
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server s...
漏洞描述
中文描述:
Cisco TelePresence Server Software是美国思科(Cisco)公司的一套被称为“网真”系统的视频会议解决方案。该方案提供音频、视频空间等组件,可为远程参会者提供一个“面对面”的虚拟会议室效果。 Cisco TelePresence Server Software的Conference Control Protocol API中存在缓冲区溢出漏洞,该漏洞源于程序没有正确过滤用户输入。攻击者可借助特制的URL利用该漏洞造成拒绝服务。以下版本受到影响:使用4.1(2.33)之前版本软件的Cisco TelePresence Server 7010,Cisco TelePresence Server MSE 8710,Cisco TelePresence Server on Multiparty Media 310,Cisco TelePresence Server on Multiparty Media 320,Cisco TelePresence Server on Virtual Machine。
英文描述:
Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| cisco | telepresence_server_software | 2.3\(1.55\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:2.3\(1.55\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 2.3\(1.57\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:2.3\(1.57\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.0\(2.24\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.24\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.0\(2.46\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.46\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.0\(2.48\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.48\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.0\(2.49\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.49\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.80\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.80\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.82\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.82\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.95\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.95\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.96\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.96\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.97\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.97\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 3.1\(1.98\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.98\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 4.0\(1.57\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:4.0\(1.57\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 4.0\(2.8\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:4.0\(2.8\):*:*:*:*:*:*:*
|
| cisco | telepresence_server_software | 4.1\(1.79\) | - | - |
cpe:2.3:a:cisco:telepresence_server_software:4.1\(1.79\):*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
AV:N/AC:L/Au:N/C:N/I:N/A:C
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2015-6284 |
2025-11-11 15:18:59 | 2025-11-11 07:34:07 |
| NVD | nvd_CVE-2015-6284 |
2025-11-11 14:54:51 | 2025-11-11 07:42:48 |
| CNNVD | cnnvd_CNNVD-201509-247 |
2025-11-11 15:09:36 | 2025-11-11 07:52:11 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-201509-247
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 7.8
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:N/I:N/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 15
- data_sources: ['cve'] -> ['cve', 'nvd']