Sign-up

ID

VAR-201205-0286


CVE

CVE-2012-0361


TITLE

Cisco IP Communicator of SCCP Service disruption in protocol components (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-002206

DESCRIPTION

The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to cause a denial of service via vectors that trigger (1) on hook and (2) off hook messages, as demonstrated by a Plantronics headset, aka Bug ID CSCti40315. The problem is Bug ID CSCti40315 It is a problem.By a third party (1) On hook and (2) Service operation disruption by triggering off-hook (DoS) There is a possibility of being put into a state. IP Communicator is prone to a denial-of-service vulnerability. A remote attacker can exploit this vulnerability to cause a denial of service by triggering (1) hook-on or (2) hook-off message vectors. This vulnerability has been confirmed by Plantronics headset, also known as Bug ID CSCti40315

Trust: 2.07

sources: NVD: CVE-2012-0361 // JVNDB: JVNDB-2012-002206 // BID: 78264 // VULHUB: VHN-53642 // VULMON: CVE-2012-0361

AFFECTED PRODUCTS

vendor:ciscomodel:ip communicatorscope:eqversion:8.6

Trust: 1.9

vendor:ciscomodel:ip communicatorscope:eqversion:7.0

Trust: 1.9

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(2\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(4\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(5\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(3\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(6\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0\(1\)

Trust: 1.6

vendor:ciscomodel:ip communicatorscope:eqversion:7.0 to 8.6

Trust: 0.8

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(6)

Trust: 0.3

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(5)

Trust: 0.3

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(4)

Trust: 0.3

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(3)

Trust: 0.3

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(2)

Trust: 0.3

vendor:ciscomodel:ip communicatorscope:eqversion:7.0(1)

Trust: 0.3

sources: BID: 78264 // JVNDB: JVNDB-2012-002206 // CNNVD: CNNVD-201205-052 // NVD: CVE-2012-0361

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-0361
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-0361
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201205-052
value: MEDIUM

Trust: 0.6

VULHUB: VHN-53642
value: MEDIUM

Trust: 0.1

VULMON: CVE-2012-0361
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-0361
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-53642
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-53642 // VULMON: CVE-2012-0361 // JVNDB: JVNDB-2012-002206 // CNNVD: CNNVD-201205-052 // NVD: CVE-2012-0361

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-53642 // JVNDB: JVNDB-2012-002206 // NVD: CVE-2012-0361

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-052

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201205-052

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-002206

PATCH
title:Release Notes for Cisco IP Communicator Release 8.6url:http://www.cisco.com/en/US/docs/voice_ip_comm/cipc/8_5/english/release_notes/CIPC8x_RN.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-002206

EXTERNAL IDS
db:NVDid:CVE-2012-0361
Trust: 2.9
db:SECTRACKid:1027013
Trust: 1.4
db:JVNDBid:JVNDB-2012-002206
Trust: 0.8
db:CNNVDid:CNNVD-201205-052
Trust: 0.7
db:BIDid:78264
Trust: 0.5
db:VULHUBid:VHN-53642
Trust: 0.1
db:VULMONid:CVE-2012-0361
Trust: 0.1
sources:
            
            
            VULHUB: VHN-53642 // 
            
            
            
            VULMON: CVE-2012-0361 // 
            
            
            
            BID: 78264 // 
            
            
            
            JVNDB: JVNDB-2012-002206 // 
            
            
            
            CNNVD: CNNVD-201205-052 // 
            
            
            
            NVD: CVE-2012-0361

REFERENCES
url:http://www.cisco.com/en/us/docs/voice_ip_comm/cipc/8_5/english/release_notes/cipc8x_rn.html
Trust: 2.1
url:http://www.securitytracker.com/id?1027013
Trust: 1.5
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0361
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0361
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/78264
Trust: 0.1
sources:
            
            
            VULHUB: VHN-53642 // 
            
            
            
            VULMON: CVE-2012-0361 // 
            
            
            
            BID: 78264 // 
            
            
            
            JVNDB: JVNDB-2012-002206 // 
            
            
            
            CNNVD: CNNVD-201205-052 // 
            
            
            
            NVD: CVE-2012-0361

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 78264

SOURCES
db:VULHUBid:VHN-53642
db:VULMONid:CVE-2012-0361
db:BIDid:78264
db:JVNDBid:JVNDB-2012-002206
db:CNNVDid:CNNVD-201205-052
db:NVDid:CVE-2012-0361

LAST UPDATE DATE
2024-11-23T22:02:40.996000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-53642date:2012-10-30T00:00:00
db:VULMONid:CVE-2012-0361date:2012-10-30T00:00:00
db:BIDid:78264date:2012-05-02T00:00:00
db:JVNDBid:JVNDB-2012-002206date:2012-05-08T00:00:00
db:CNNVDid:CNNVD-201205-052date:2012-05-03T00:00:00
db:NVDid:CVE-2012-0361date:2024-11-21T01:34:50.723

SOURCES RELEASE DATE
db:VULHUBid:VHN-53642date:2012-05-02T00:00:00
db:VULMONid:CVE-2012-0361date:2012-05-02T00:00:00
db:BIDid:78264date:2012-05-02T00:00:00
db:JVNDBid:JVNDB-2012-002206date:2012-05-08T00:00:00
db:CNNVDid:CNNVD-201205-052date:2012-05-03T00:00:00
db:NVDid:CVE-2012-0361date:2012-05-02T10:09:22.207