Cisco Unified Communications Manager IM and Presence Service Remote Denial of Service Vulnerability

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-40164	2013-B-0094	SV-52101r2_rule	ECMT-1 ECMT-2 VIVM-1	High

Description
Cisco has released a security advisory addressing a denial-of-service vulnerability in Cisco Unified Communications Manager IM and Cisco Unified Presence. To exploit this vulnerability, an attacker would generate a large number of TCP connections to ports 5060 or 5061. If successfully exploited, an unauthenticated, remote attacker would cause a denial-of-service condition, resulting in the interruption of presence services. <br><br> At this time, there are known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

Description

Cisco has released a security advisory addressing a denial-of-service vulnerability in Cisco Unified Communications Manager IM and Cisco Unified Presence. To exploit this vulnerability, an attacker would generate a large number of TCP connections to ports 5060 or 5061. If successfully exploited, an unauthenticated, remote attacker would cause a denial-of-service condition, resulting in the interruption of presence services. <br><br> At this time, there are known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

STIG	Date
VMware ESXi Server 5.0 Security Technical Implementation Guide	2013-09-12

Details

Check Text ( None )
None

Fix Text (None)
None