Denial of Service in Cisco IOS and Unified Communications Manager
CVE-2016-1350

7.5HIGH

Key Information:

Vendor

Cisco
Status
Ios Xe
X14j Firmware
Opensolaris
Gs1900-10HP Firmware
Vendor
CVE Published:
26 March 2016

What is CVE-2016-1350?

This vulnerability in Cisco IOS and Cisco Unified Communications Manager can be exploited by remote attackers through the sending of malformed Session Initiation Protocol (SIP) messages. This exploit can lead to a denial of service, causing the affected device to reload unexpectedly. Users and organizations utilizing Cisco's networking products should ensure they are protected by implementing the necessary updates and fixes provided by Cisco to mitigate these risks.

References

http://www.securitytracker.com/id/1035421
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/85372
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.