CVE-2018-0409
Description
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious IPv4 or IPv6 packet to an affected device on TCP port 7400. An exploit could allow the attacker to overread a buffer, resulting in a crash and restart of the XCP Router service. Cisco Bug IDs: CSCvg97663, CSCvi55947.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5(expand)+ 1 more
- (no CPE)
- (no CPE)range: unspecified
(expand)+ 1 more
- (no CPE)
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/105102nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/105104nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041533nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041534nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-ucmimps-dosnvdVendor Advisory
News mentions
0No linked articles in our index yet.