This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Cisco Unified Communications Manager contains a vulnerability in its
Session Initiation Protocol (SIP) implementation that could allow an
unauthenticated, remote attacker to cause a critical service to fail,
which could interrupt voice services. Affected devices must be
configured to process SIP messages for this vulnerability to be
exploitable. Cisco has released free software updates that address
this vulnerability. A workaround exists for customers who do not
require SIP in their environment. This advisory is available at
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true