Vulnerability Description
The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to cause a denial of service via vectors that trigger (1) on hook and (2) off hook messages, as demonstrated by a Plantronics headset, aka Bug ID CSCti40315.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ip Communicator | 7.0 |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/docs/voice_ip_comm/cipc/8_5/english/release_notes/CIP
- http://www.securitytracker.com/id?1027013
- http://www.cisco.com/en/US/docs/voice_ip_comm/cipc/8_5/english/release_notes/CIP
- http://www.securitytracker.com/id?1027013
FAQ
What is CVE-2012-0361?
CVE-2012-0361 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to ca...
How severe is CVE-2012-0361?
CVE-2012-0361 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0361?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ip Communicator.