The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.
cpe:2.3:a:cisco:expressway_software:*:*:*:*:*:*:*:* versions up to x8.1.1 (inclusive)
cpe:2.3:a:cisco:telepresence_conductor:*:prealpha0:*:*:*:*:*:* versions up to xc2.4 (inclusive)
cpe:2.3:a:cisco:telepresence_video_communication_server_software:*:*:*:*:*:*:*:* versions up to x8.1.1 (inclusive)