Описание
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Permissions Required
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Permissions Required
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 4.1 (включая) до 4.1\(3\)sr7 (исключая)Версия от 4.2 (включая) до 4.2\(3\)sr4 (исключая)Версия от 4.3 (включая) до 4.3\(2\) (исключая)Версия от 5.0 (включая) до 5.1\(3\) (исключая)Версия от 6.0 (включая) до 6.1\(1\) (исключая)
Одно из
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02174
Низкий
7.8 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
EPSS
Процентиль: 84%
0.02174
Низкий
7.8 High
CVSS2
Дефекты
CWE-20