Denial of Service Vulnerability in Cisco Unified Communications Manager
CVE-2014-3337

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Domain Manager
Vendor: CVE Published:; 12 August 2014

Summary

The SIP implementation in Cisco Unified Communications Manager versions 8.6(.2) and earlier is vulnerable, allowing remote authenticated users to exploit this by sending specially crafted SIP messages. This action can lead to a denial of service, causing the process to crash due to improper handling during XML document processing. This vulnerability is documented under Bug ID CSCtq76428.

References

http://www.securityfocus.com/bid/69177

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1030709

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 12, 2014
Vulnerability Reserved
May 7, 2014