Vulnerabilities > CVE-2016-1466 - Resource Management Errors vulnerability in Cisco Unified Communications Manager IM and Presence Service

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

CWE-399

NVD

Published: 2016-08-08

Updated: 2017-08-16

Summary

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Manager IM AND Presence Service 9.1\(1\) Cisco Unified Communications Manager IM AND Presence Service 11.5\(1\) Cisco Unified Communications Manager IM AND Presence Service 10.5\(2\) Cisco Unified Communications Manager IM AND Presence Service 11.0\(1\)	4

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References