This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote host is affected by multiple denial of service
According to its self-reported version, the remote Cisco Unified
Communications Manager (CUCM) device is affected by one of the
following denial of service vulnerabilities :
- A flaw exists in the in the 8.6 branch due to improper
processing of malformed packets to unused UDP ports.
A remote, unauthenticated attacker can cause an
interruption of voice services and an inability to
access the system's Graphical User Interface (GUI).
(CVE-2013-1133 / CSCtx43337)
- A flaw exists in the 9.0 branch due to the lack of
authentication for Intracluster Location Bandwidth
Manager (LBM) communication. A remote, unauthenticated
attacker can poison LBM transaction records resulting in
the interruption of voice services. (CVE-2013-1134 /
See also :
Upgrade to Cisco Unified Communications Manager 8.6(2a)su2 / 9.1(1) or
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true