#VU14431 Improper input validation in Cisco Unified Communications Manager IM & Presence Service - CVE-2018-0409

Cybersecurity Help s.r.o.

Published: 2018-08-15 | Updated: 2018-08-16

Vulnerability identifier: #VU14431

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-0409

CWE-ID: CWE-126

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Unified Communications Manager IM & Presence Service
Client/Desktop applications / Other client software

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the XCP Router service due to improper validation of user-supplied input. A remote attacker can send a malicious IPv4 or IPv6 packet to an affected device on TCP port 7400, overread a buffer and cause the XCP Router service to crash and restart.

Mitigation
Update to version 12.5(0.98000.355), 12.0(1.21000.3), 11.5(1.14900.32) or 11.5(1.14900.15).

Vulnerable software versions

Cisco Unified Communications Manager IM & Presence Service: 11.5.1

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-ucmimps-dos

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Cisco Unified Communications Manager IM & Presence Service

Denial of service in Cisco TelePresence Video Communication Server