Improper input validation in Cisco Unified_communications_domain_manager

CVE-2014-3337

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.018 (83.3th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_communications_domain_manager
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

69177 (vdb-entry, x_refsource_BID)
1030709 (vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
60088 (x_refsource_SECUNIA, third-party-advisory)
cucm-cve20143337-dos(95245) (vdb-entry, x_refsource_XF)
20140811 Cisco Unified Communications Manager SIP Subsystem Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)