CISCO SECURITY ADVISORY


CISCO UNIFIED COMMUNICATIONS MANAGER DENIAL OF SERVICE VULNERABILITY

Severity: High
Advisory ID:
cisco-sa-cucm-dos-kkHq43We
First Published:
2024 August 21 16:00 GMT
Version 1.0:
Final
Workarounds:
No workarounds available
Cisco Bug IDs:
CSCwi68892

CVE-2024-20375

CWE-787

CVSS Score:
Base 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X

SUMMARY

 * A vulnerability in the SIP call processing function of Cisco Unified
   Communications Manager (Unified CM) and Cisco Unified Communications Manager
   Session Management Edition (Unified CM SME) could allow an unauthenticated,
   remote attacker to cause a denial of service (DoS) condition on an affected
   device.
   
   This vulnerability is due to improper parsing of SIP messages. An attacker
   could exploit this vulnerability by sending a crafted SIP message to an
   affected Cisco Unified CM or Cisco Unified CM SME device. A successful
   exploit could allow the attacker to cause the device to reload, resulting in
   a DoS condition that interrupts the communications of reliant voice and video
   devices.
   
   Cisco has released software updates that address this vulnerability. There
   are no workarounds that address this vulnerability.
   
   This advisory is available at the following link:
   https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-kkHq43We

AFFECTED PRODUCTS


 * VULNERABLE PRODUCTS
   
   This vulnerability affects Cisco Unified CM and Cisco Unified CM SME,
   regardless of device configuration.
   
   For information about which Cisco software releases are vulnerable, see the
   Fixed Software section of this advisory.
   
   
   PRODUCTS CONFIRMED NOT VULNERABLE
   
   Only products listed in the Vulnerable Products section of this advisory are
   known to be affected by this vulnerability.
   
   Cisco has confirmed that this vulnerability does not affect the following
   Cisco products:
   
    * CallManager Express (CME)
    * Emergency Responder
    * IOS Software
    * IOS XE Software
    * Jabber Client
    * Packaged Contact Center Enterprise (PCCE) (including Outbound Dialer)
    * Prime Collaboration Deployment (PCD)
    * Prime License Manager (PLM)
    * Unified Border Element (CUBE)
    * Unified Communications Manager IM & Presence Service (Unified CM IM&P)
    * Unified Contact Center Enterprise (UCCE) (including Outbound Dialer)
    * Unified Contact Center Express (UCCX)
    * Unified Customer Voice Portal (CVP)
    * Unity Connection
    * Virtualized Voice Browser (VVB)
    * Voice Extensible Markup Language (VXML) Gateway

WORKAROUNDS

 * There are no workarounds that address this vulnerability.

FIXED SOFTWARE

 * Cisco has released free software updates that address the vulnerability
   described in this advisory. Customers with service contracts that entitle
   them to regular software updates should obtain security fixes through their
   usual update channels.
   
   Customers may only install and expect support for software versions and
   feature sets for which they have purchased a license. By installing,
   downloading, accessing, or otherwise using such software upgrades, customers
   agree to follow the terms of the Cisco software license:
   https://www.cisco.com/c/en/us/products/end-user-license-agreement.html
   
   Additionally, customers may only download software for which they have a
   valid license, procured from Cisco directly, or through a Cisco authorized
   reseller or partner. In most cases this will be a maintenance upgrade to
   software that was previously purchased. Free security software updates do not
   entitle customers to a new software license, additional software feature
   sets, or major revision upgrades.
   
   The Cisco Support and Downloads page on Cisco.com provides information about
   licensing and downloads. This page can also display customer device support
   coverage for customers who use the My Devices tool.
   
   When considering software upgrades, customers are advised to regularly
   consult the advisories for Cisco products, which are available from the Cisco
   Security Advisories page, to determine exposure and a complete upgrade
   solution.
   
   In all cases, customers should ensure that the devices to be upgraded contain
   sufficient memory and confirm that current hardware and software
   configurations will continue to be supported properly by the new release. If
   the information is not clear, customers are advised to contact the Cisco
   Technical Assistance Center (TAC) or their contracted maintenance providers.
   
   
   CUSTOMERS WITHOUT SERVICE CONTRACTS
   
   Customers who purchase directly from Cisco but do not hold a Cisco service
   contract and customers who make purchases through third-party vendors but are
   unsuccessful in obtaining fixed software through their point of sale should
   obtain upgrades by contacting the Cisco TAC:
   https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html
   
   Customers should have the product serial number available and be prepared to
   provide the URL of this advisory as evidence of entitlement to a free
   upgrade.
   
   
   FIXED RELEASES
   
   In the following table, the left column lists Cisco software releases. The
   right column indicates whether a release is affected by the vulnerability
   that is described in this advisory and the first release that includes the
   fix for this vulnerability. Customers are advised to upgrade to an
   appropriate fixed software release as indicated in this section.
   
   Cisco Unified CM and Unified CM SME Release | First Fixed Release
   ------------------------------------------- | -------------------
   12.5(1)                                     | 12.5(1)SU9
   14                                          | 14SU4
   15                                          | 15SU1
   
   The Cisco Product Security Incident Response Team (PSIRT) validates only the
   affected and fixed release information that is documented in this advisory.

EXPLOITATION AND PUBLIC ANNOUNCEMENTS

 * The Cisco PSIRT is not aware of any public announcements or malicious use of
   the vulnerability that is described in this advisory.

SOURCE

 * Cisco would like to thank the U.S. National Security Agency (NSA) for
   reporting this vulnerability.

CISCO SECURITY VULNERABILITY POLICY

 * To learn about Cisco security vulnerability disclosure policies and
   publications, see the Security Vulnerability Policy. This document also
   contains instructions for obtaining fixed software and receiving security
   vulnerability information from Cisco.


URL

 * https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-kkHq43We

REVISION HISTORY

 * Version | Description             | Section | Status | Date
   ------- | ----------------------- | ------- | ------ | -----------
   1.0     | Initial public release. | -       | Final  | 2024-AUG-21

--------------------------------------------------------------------------------

LEGAL DISCLAIMER

 * THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
   GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
   FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR
   MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE
   RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
   
   A standalone copy or paraphrase of the text of this document that omits the
   distribution URL is an uncontrolled copy and may lack important information
   or contain factual errors. The information in this document is intended for
   end users of Cisco products.
