You are here
Home > Preporuke > Ranjivost Cisco IP telefona

Ranjivost Cisco IP telefona

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Small Business SPA514G IP Phones SIP Denial of Service Vulnerability

Advisory ID: cisco-sa-20190313-sip

Revision: 1.0

For Public Release: 2019 March 13 16:00 GMT

Last Updated: 2019 March 13 16:00 GMT

CVE ID(s): CVE-2018-0389

CVSS Score v(3): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper processing of SIP request messages by an affected device. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190313-sip”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJciSp+XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczvfcQAKo6LtL3G6ZrJaygZR3O4EpBVNm+
CKouxu0pR6MiEIYZytnnlWxbUV6GnLI2suyqVByEWYFMMNL4BiWXVSVgSC/Vbg15
QZCRBI8oB89y1WKsmi+oFFHLjW9ExAXN0PKiZJ+JkYtlJzw9eu7ghGABjJL7dXfO
a9faYF7kD+k4whI9+4nOioayYinljAJRgg3/y7JBlUSsW9dBqLcCSpalQQ5qN98J
g4zSooTw/OBd2fJeeY8TKv6zWh9BL+sxS5PS3MHE4VYnBzzFsI0xoAq8naescOcd
CVRaJY7GYU0pHIw88uLW71MZ/jKDmwyHLBs98iAJOohZOHmS4DUOVGHSW8QJx7w3
GL+sxONyDK+sSzZkRl9KPOUlprU9h9sjxBDV5Yi2iDecNamizWfwZkCWwTjMuSDV
EzJvYPFrfN27rhBwkiXdrVI2t7FxWa0BRU8NDxp3LQZbdaVr+N9dBoHymRwx3qjJ
HORruO4XV/N5n59e35ivlRHM6G+OcBCoKonhj448i0VhuRPuOWi8H58KB7QzZs6r
UQOiBCa1ZG2qmr1zkVPqYG54alYlxTtgRUYub2bKWdboV33ixjv6v+dyMwJeUKRV
rCxsjB0hC4JVQ4ilWKYAUmEpME3ndQM1uoiAUt3HDnFs7qFVD6+jzHmhWEYKSYvP
nQXHbv2w8jF7rtl+
=iLQB
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Kritična ranjivost Cisco Common Services Platform Collector softvera

Otkrivena je ranjivost u Cisco Common Services Platform Collector komponenti uzrokovana postojanjem korisničkog računa sa statičnom inicijalnom zaporkom. Uspješno iskorištavanje...

Close