SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (VoIP)  >   Cisco Unified Customer Voice Portal Vendors:   Cisco
Cisco Unified Customer Voice Portal Application Server SIP INVITE Processing Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID:  1040220
SecurityTracker URL:  http://securitytracker.com/id/1040220
CVE Reference:   CVE-2018-0086   (Links to External Site)
Date:  Jan 17 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 11.6(1)
Description:   A vulnerability was reported in Cisco Unified Customer Voice Portal. A remote user can cause denial of service conditions on the target system.

A remote user can send a specially crafted SIP INVITE request to the target portal when communicating with the Cisco Virtualized Voice Browser (VVB) to affect the availability of services and data on the target device.

The vendor has assigned bug ID CSCve85840 to this vulnerability.

Impact:   A remote user can cause denial of service conditions.
Solution:   The vendor has issued a fix (11.6(1)).

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-cvp

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-cvp (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-cvp

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC