| Title | Cisco Unified Communications Manager におけるバッファエラーの脆弱性 |
|---|---|
| Summary | Cisco Unified Communications Manager (Cisco Unified CM) には、バッファエラーの脆弱性が存在します。 ベンダは、本脆弱性を Bug ID CSCuz72455 として公開しています。 |
| Possible impacts | サービス運用妨害 (DoS) 攻撃が行われる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | April 19, 2017, midnight |
| Registration Date | May 25, 2017, 4:45 p.m. |
| Last Update | May 25, 2017, 4:45 p.m. |
| CVSS3.0 : 重要 | |
| Score | 7.5 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| CVSS2.0 : 危険 | |
| Score | 7.8 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| シスコシステムズ |
| Cisco Unified Communications Manager |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年05月25日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically. This vulnerability affects Cisco Unified Communications Manager (CallManager) releases prior to the first fixed release; the following list indicates the first minor release that includes the fix for this vulnerability: 10.5.2.14900-16 11.0.1.23900-5 11.5.1.12900-2. Cisco Bug IDs: CSCuz72455. |
|---|---|
| Publication Date | April 21, 2017, 7:59 a.m. |
| Registration Date | Jan. 26, 2021, 1:23 p.m. |
| Last Update | Nov. 21, 2024, 12:26 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:cisco:unified_communications_manager:11.0\(1.10000.10\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(0.98000.88\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.0_base:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.10000.6\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(2.13900.9\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(0.98000.486\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5_base:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.11007.2\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(3.10000.9\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(1.99995.9\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.0\(0.98000.225\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(0.98000.480\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.12000.1\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.0\(1.10000.12\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(2.12901.1\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(1.2\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(2.10000.5\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:10.5\(1.98991.13\):*:*:*:*:*:*:* | |||||
| cpe:2.3:a:cisco:unified_communications_manager:11.5\(0.99838.4\):*:*:*:*:*:*:* | |||||