Vulnerability Details : CVE-2013-3393
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2013-3393
- cpe:2.3:a:cisco:jabber:-:-:*:*:*:windows:*:*
- cpe:2.3:a:cisco:virtualization_experience_media_engine:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-3393
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-3393
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-3393
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-3393
-
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3393
Cisco Jabber Video Engine Denial of Service Vulnerability
Jump to