Guest

Preview Tool

Cisco Bug: CSCur13999 - SCTE-30 messages causes DCM mainboard crash

Last Modified

Jun 16, 2020

Products (1)

  • Cisco Digital Content Manager (DCM) Software

Known Affected Releases

15.0.0

Description (partial)

Symptom:
A vulnerability in the Cisco Digital Content Manager (DCM) could allow a remote attacker to crash the system mainboard.

The vulnerability is due to the DCM receiving malformed ad messages from the ad server which trigger the system to reboot. An attacker could
exploit this vulnerability by sending malicious ad messages to the DCM. In order to conduct this attack, the attacker must obtain information
about the operating environment and the systems must be configured in a way rarely seen in practice.

Conditions:
Cisco Digital Content Manager (DCM) devices running a version of DCM software prior to 3.3.15 are affected.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.