1. CVE-Search
  2. CVE-2013-3461
ID CVE-2013-3461
Summary Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869.
References
Vulnerable Configurations
  • cpe:2.3:a:cisco:unified_communications_manager:9.0\(1\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:9.0\(1\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su2:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su2:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su3:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su3:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su4:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su4:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su5:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su5:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(1\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(1\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(1a\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(1a\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(2\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(2\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\):*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\):*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su2:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su2:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 07-11-2016 - 14:47)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
refmap via4
cisco 20130821 Multiple Vulnerabilities in Cisco Unified Communications Manager
sectrack 1028938
Last major update 07-11-2016 - 14:47
Published 25-08-2013 - 03:27
Last modified 07-11-2016 - 14:47
Back to Top