Cisco Unified Communications Manager CVE-2017-3808 Denial of Service Vulnerability
by CIRT Team
Description: The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.
Related CVE: CVE-2017-3808
Impact: A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The following versions are affected:
- Cisco Unified Communications Manager 11.5(1.10000.6)
- Cisco Unified Communications Manager 11.0(1.10000.10)
- Cisco Unified Communications Manager 10.5(2.10000.5)
Mitigation: Cisco has released software updates that address this vulnerability.
26 Oct 2023 - Security Advisories & Alerts