Improper input validation in Cisco Unified_presence

CVE-2013-1197

The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.004 (58.7th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_presence
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20130415 Cisco Unified Presence XMPP Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)