Vulnerability Details CVE-2014-3337
The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 84.4%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/60088
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3337
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35257
- http://www.securityfocus.com/bid/69177
- http://www.securitytracker.com/id/1030709
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95245
- http://secunia.com/advisories/60088
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3337
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35257
- http://www.securityfocus.com/bid/69177
- http://www.securitytracker.com/id/1030709
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95245
Products affected by CVE-2014-3337
-
cpe:2.3:a:cisco:unified_communications_domain_manager:-
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.2
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.3
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.4
-
cpe:2.3:a:cisco:unified_communications_domain_manager:7.4
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.2
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.1)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.2)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.3)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.4)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(4)er1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(7)er1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1.4er1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.6
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.6(.2)