Cisco TelePresence Advanced Media Gateway Improper Input Validation Vulnerability

Summary

A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. 

Credit:

The information has been provided by Vendor

The original article can be found at:https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr69362

 


Details

The vulnerability is due to the lack of input validation in the web application. An attacker could exploit this vulnerability by sending a crafted authenticated HTTP request to the device. An exploit could allow the attacker to stop services on an affected device. The device may become inoperable and results in a denial of service (DoS) condition.

 

Vulnerable Systems:

Cisco TelePresence Advanced Media Gateway 

 

CVE Information:

CVE-2019-15966

 

Disclosure Timeline:
Published Date:11/5/2019