CVE-2019-15966: Input Validation
First published: Tue Nov 05 2019(Updated: )
A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the lack of input validation in the web application. An attacker could exploit this vulnerability by sending a crafted authenticated HTTP request to the device. An exploit could allow the attacker to stop services on an affected device. The device may become inoperable and results in a denial of service (DoS) condition.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Advanced Media Gateway | =1.1 |
Remedy
Cisco TelePresence Advanced Media Gateway is no longer receiving software updates. Please see the following link for EoS and EoL information: https://www.cisco.com/c/en/us/products/collateral/conferencing/telepresence-advanced-media-gateway-series/eos-eol-notice-c51-731683.html
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- vendor/cisco
- canonical/cisco telepresence advanced media gateway
- version/cisco telepresence advanced media gateway/1.1