Important DoS Vulnerability for Cisco Expressway and VCS X7.x and X8.x – CVE-2017-6790

Special thank you to Ben Petroff and the Stack8 Managed Services team for their expertise with Cisco Expressway  

Earlier this spring, Cisco had announced a denial of service (DoS) vulnerability affecting CUCM 10.x and 11.x, which we discussed in a previous blog post entitled: Important DoS Vulnerability for CUCM 10.x and 11.x “cisco-sa-20170419-ucm”

Cisco has recently announced that Cisco Expressway and TelePresence Video Communication Server (VCS) are also affected by a similar DoS vulnerability. Advisory ID “cisco-sa-20170816-vcs” (CVE-2017-6790) explains that an unauthenticated, remote attacker could send excessive SIP traffic to the device and cause a complete DoS condition on the targeted system.

Given the fact that Expressway and VCS are often positioned at the edge of the network (ideally in a DMZ) and thus publicly accessible from the Internet, Stack8 considers this as a very serious vulnerability and recommends that affected systems be upgraded as soon as possible.

Any Expressway or VCS release from X7.x and below X8.10 are vulnerable.

More details on this vulnerability can be found here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-vcs

Should you or your organization require assistance with the deployment of this important Expressway/VCS software update, Stack8’s team of Cisco UC experts are available to help!