Denial of Service Vulnerability in Cisco IP Phone 8800 Series
CVE-2017-6656

5.9MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Ip Phone 8800 Series
Vendor
CVE Published:
13 June 2017

Summary

A vulnerability exists in the Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices. An unauthenticated, remote attacker can exploit this issue to trigger an unexpected restart of the SIP process, resulting in a denial of service condition. This interruption causes all active phone calls to drop, severely affecting communication capabilities. Users of affected versions should upgrade to fixed releases to mitigate this risk.

Affected Version(s)

Cisco IP Phone 8800 Series Cisco IP Phone 8800 Series

References

http://www.securityfocus.com/bid/98996
vdb-entryx_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038636
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.