Cisco TelePresence Endpoint SIP INVITE Packet Flood DoS (cisco-sa-20170607-tele)

high Nessus Plugin ID 100838


A video conferencing application running on the remote host is affected by a denial of service vulnerability.


The remote host either is running Cisco TelePresence Codec (TC) that is version 7.2.x prior to 7.3.8 or is running Cisco Collaboration Endpoint (CE) software that is version 8.x prior 8.3.0. It is, therefore, affected by a denial of service vulnerability in the Session Initiation Protocol (SIP) due to a lack of proper flow-control mechanisms within the software. An unauthenticated, remote attacker can exploit this, by sending a flood of SIP INVITE packets, to cause the TelePresence endpoint to reload unexpectedly.


Upgrade to Cisco TelePresence Codec (TC) version 7.3.8 or Cisco Collaboration Endpoint (CE) version 8.3.0.

See Also

Plugin Details

Severity: High

ID: 100838

File Name: cisco-sa-20170607-tele.nasl

Version: 1.4

Type: remote

Family: CISCO

Published: 6/16/2017

Updated: 7/12/2019

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C


Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:telepresence_tc_software, x-cpe:/a:cisco:telepresence_ce_software

Required KB Items: Cisco/TelePresence_MCU/Device, Cisco/TelePresence_MCU/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 6/7/2017

Vulnerability Publication Date: 6/7/2017

Reference Information

CVE: CVE-2017-6648

BID: 98934

CISCO-SA: cisco-sa-20170607-tele