Condorlab

CISCO – Denial of Service


Advisory IDRSN-SIP-1558


Vulnerability Information
A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.


Release Date
2017-04-17 00:00:00


Solutions
RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3808