This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Cisco Unified Communications Manager contains a vulnerability in its
Session Initiation Protocol (SIP) implementation that could allow an
unauthenticated, remote attacker to cause a critical service to fail,
which could interrupt voice services. Affected devices must be
configured to process SIP messages for this vulnerability to be
exploitable. Cisco has released free software updates that address
this vulnerability. A workaround exists for customers who do not
require SIP in their environment. This advisory is available at
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true
Nessus Plugin ID: 67203 ()
Bugtraq ID: 55697
CVE ID: CVE-2012-3949
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.