{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T03:47:54.426","vulnerabilities":[{"cve":{"id":"CVE-2020-3596","sourceIdentifier":"psirt@cisco.com","published":"2020-10-08T05:15:15.557","lastModified":"2024-11-21T05:31:22.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of incoming SIP traffic. An attacker could exploit this vulnerability by sending a series of SIP packets to an affected device. A successful exploit could allow the attacker to exhaust memory on an affected device, causing it to crash and leading to a DoS condition."},{"lang":"es","value":"Una vulnerabilidad en el Session Initiation Protocol (SIP) de Cisco Expressway Series y Cisco TelePresence Video Communication Server (VCS), podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al manejo incorrecto del tráfico SIP entrante. Un atacante podría explotar esta vulnerabilidad mediante el envío de una serie de paquetes SIP hacia un dispositivo afectado. Una explotación con éxito podría permitir que el atacante agote la memoria de un dispositivo afectado, causando que se bloquee y conllevando a una condición DoS"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-670"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*","versionEndIncluding":"x12.6.3","matchCriteriaId":"E36C4A92-01D2-46DB-BD02-AE2B577F7081"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*","versionEndIncluding":"x12.6.3","matchCriteriaId":"59D423ED-1EE5-4543-B5B7-5D07DAB1734E"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-vcs-dos-n6xxTMZB","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-vcs-dos-n6xxTMZB","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}