Cisco Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability
Description
A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series could allow an unauthenticated, remote attacker to cause a service outage for users attempting to authenticate, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient controls for specific memory operations. An attacker could exploit this vulnerability by sending a malformed Extensible Messaging and Presence Protocol (XMPP) authentication request to an affected system. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing users from successfully authenticating. Exploitation of this vulnerability does not impact users who were authenticated prior to an attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated, remote attacker can cause a DoS condition on Cisco Unified CM IM&P, VCS, and Expressway by sending a malformed XMPP authentication request.
Vulnerability
A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series allows an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The flaw is due to insufficient controls for specific memory operations when processing Extensible Messaging and Presence Protocol (XMPP) authentication requests. Affected versions include multiple releases of these products [1].
Exploitation
An attacker can exploit this vulnerability by sending a malformed XMPP authentication request to an affected system over the network. No authentication or user interaction is required. The malformed request triggers incorrect memory handling, leading to an unexpected restart of the authentication service [1].
Impact
Successful exploitation causes the authentication service to restart, preventing users who are attempting to authenticate from successfully logging in. Users who were already authenticated prior to the attack are not affected. The impact is limited to denial of service for new authentication attempts [1].
Mitigation
Cisco has released free software updates that address this vulnerability. Customers should upgrade to fixed versions as specified in the Cisco Security Advisory [1]. No workarounds are available; updating is the recommended mitigation.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
References
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-cucm-imp-dos (mitre, vendor-advisory, x_refsource_CISCO)
- www.securityfocus.com/bid/108615 (mitre, vdb-entry, x_refsource_BID)