Detections
Analytics
Cisco Unified Communications Manager Denial-of-Service Vulnerability (DoS)
high Nessus Plugin ID 112217
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version, the Cisco Unified Communications Manager is affected by a Denial-of-Service vulnerability. Please see the included Cisco BIDs and the Cisco Security Advisory for more information.Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvg97663.See Also
Plugin Details
Severity: High
ID: 112217
File Name: cisco-sa-20180815-ucmimps-dos-cups.nasl
Version: 1.8
Type: local
Family: CISCO
Published: 8/31/2018
Updated: 11/10/2020
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2018-0409
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:cisco:unified_communications_manager_im_and_presence_service
Required KB Items: installed_sw/Cisco Unified CM IM&P
Exploit Ease: No known exploits are available
Patch Publication Date: 8/15/2018
Vulnerability Publication Date: 8/15/2018
Reference Information
CVE: CVE-2018-0409
CISCO-SA: cisco-sa-20180815-ucmimps-dos
CISCO-BUG-ID: CSCvg97663