CVE-2014-0658
MEDIUM severity · CVSS 5.4 · Improper input validation
5.4CVSS MEDIUM
Summary
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges required—
User interaction—
Confidentiality impactNone
Integrity impactNone
Availability impact—
Exploit probability (EPSS)3%
AV:N/AC:H/Au:N/C:N/I:N/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0658Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32402Advisory
- http://osvdb.org/101913
- http://secunia.com/advisories/56384
- http://www.securityfocus.com/bid/64770Advisory
- http://www.securitytracker.com/id/1029596Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90236