CVE-2013-3460
high
CVSS v3
—
CVSS v2
7.8
VIR risk
7.8
Description
Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cisco | unified_communications_manager | 8.6 | |
| cisco | unified_communications_manager | 8.6\(1\) | |
| cisco | unified_communications_manager | 8.6\(1a\) | |
| cisco | unified_communications_manager | 8.6\(2\) | |
| cisco | unified_communications_manager | 8.6\(2a\) | |
| cisco | unified_communications_manager | 8.6\(2a\)su1 | |
| cisco | unified_communications_manager | 8.6\(2a\)su2 | |
| cisco | unified_communications_manager | 9.0\(1\) | |
| cisco | unified_communications_manager | 8.5 | |
| cisco | unified_communications_manager | 8.5\(1\) | |
| cisco | unified_communications_manager | 8.5\(1\)su1 | |
| cisco | unified_communications_manager | 8.5\(1\)su2 | |
| cisco | unified_communications_manager | 8.5\(1\)su3 | |
| cisco | unified_communications_manager | 8.5\(1\)su4 | |
| cisco | unified_communications_manager | 8.5\(1\)su5 | |
References
CWEs
CWE-399
Verify integrity in audit chain (admin only). AS-IS.