Executive Summary
| Summary | |
|---|---|
| Title | Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20090923-sip | First vendor Publication | 2009-05-28 |
| Vendor | Cisco | Last vendor Modification | 2009-09-23 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS® Software that could allow an unauthenticated attacker to cause a denial of service (DoS) condition on an affected device when the Cisco Unified Border Element feature is enabled. Cisco has released free software updates that address this vulnerability. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerability. |
Original Source
| Url : http://www.cisco.com/warp/public/707/cisco-sa-20090923-sip.shtml |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 58343 | Cisco IOS Unified Border Element Crafted SIP Messages Remote DoS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20090923-siphttp.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 10:21:57 |
|
| 2013-05-11 00:42:36 |
|
