ID

VAR-201208-0699


CVE

CVE-2012-1346


TITLE

Cisco Emergency Responder UDP Packet Denial of Service Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2012-4125 // BID: 54827

DESCRIPTION

Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. Cisco Emergency Responder (ER) enhances the emergency call capabilities of Cisco CallManager. It ensures that Cisco Callmanager can transfer emergency calls directly to the appropriate Public Safety Answering Point (PSAP). Successful exploitation of the issue will cause excessive CPU consumption, resulting in a denial-of-service condition

Trust: 2.52

sources: NVD: CVE-2012-1346 // JVNDB: JVNDB-2012-003469 // CNVD: CNVD-2012-4125 // BID: 54827 // VULHUB: VHN-54627

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-4125

AFFECTED PRODUCTS

vendor:ciscomodel:emergency responderscope:eqversion:9.2

Trust: 3.0

vendor:ciscomodel:emergency responderscope:eqversion:8.6

Trust: 3.0

sources: CNVD: CNVD-2012-4125 // JVNDB: JVNDB-2012-003469 // CNNVD: CNNVD-201208-037 // NVD: CVE-2012-1346

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1346
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-1346
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201208-037
value: MEDIUM

Trust: 0.6

VULHUB: VHN-54627
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-1346
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-54627
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-54627 // JVNDB: JVNDB-2012-003469 // CNNVD: CNNVD-201208-037 // NVD: CVE-2012-1346

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-54627 // JVNDB: JVNDB-2012-003469 // NVD: CVE-2012-1346

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201208-037

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201208-037

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/h:cisco:emergency_responder"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2012-003469

PATCH

title:Release Notes for Cisco Emergency Responderurl:https://www.cisco.com/en/US/docs/voice_ip_comm/cer/8_7/english/release/notes/CER0_BK_CEE780BD_00_cisco-emergency-responder-87-release_chapter_00.html

Trust: 0.8

title:Patch for Cisco Emergency Responder UDP Packet Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/19565

Trust: 0.6

sources: CNVD: CNVD-2012-4125 // JVNDB: JVNDB-2012-003469

EXTERNAL IDS

db:NVDid:CVE-2012-1346

Trust: 3.4

db:JVNDBid:JVNDB-2012-003469

Trust: 0.8

db:CNNVDid:CNNVD-201208-037

Trust: 0.7

db:CNVDid:CNVD-2012-4125

Trust: 0.6

db:NSFOCUSid:20241

Trust: 0.6

db:BIDid:54827

Trust: 0.4

db:VULHUBid:VHN-54627

Trust: 0.1

sources: CNVD: CNVD-2012-4125 // VULHUB: VHN-54627 // BID: 54827 // JVNDB: JVNDB-2012-003469 // CNNVD: CNNVD-201208-037 // NVD: CVE-2012-1346

REFERENCES

url:https://www.cisco.com/en/us/docs/voice_ip_comm/cer/8_7/english/release/notes/cer0_bk_cee780bd_00_cisco-emergency-responder-87-release_chapter_00.html

Trust: 2.3

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1346

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1346

Trust: 0.8

url:http://www.nsfocus.net/vulndb/20241

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2012-4125 // VULHUB: VHN-54627 // BID: 54827 // JVNDB: JVNDB-2012-003469 // CNNVD: CNNVD-201208-037 // NVD: CVE-2012-1346

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 54827

SOURCES

db:CNVDid:CNVD-2012-4125
db:VULHUBid:VHN-54627
db:BIDid:54827
db:JVNDBid:JVNDB-2012-003469
db:CNNVDid:CNNVD-201208-037
db:NVDid:CVE-2012-1346

LAST UPDATE DATE

2024-11-23T22:02:37.875000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-4125date:2012-08-08T00:00:00
db:VULHUBid:VHN-54627date:2012-08-07T00:00:00
db:BIDid:54827date:2012-08-13T22:00:00
db:JVNDBid:JVNDB-2012-003469date:2012-08-08T00:00:00
db:CNNVDid:CNNVD-201208-037date:2012-08-07T00:00:00
db:NVDid:CVE-2012-1346date:2024-11-21T01:36:50.463

SOURCES RELEASE DATE

db:CNVDid:CNVD-2012-4125date:2012-08-08T00:00:00
db:VULHUBid:VHN-54627date:2012-08-06T00:00:00
db:BIDid:54827date:2012-08-06T00:00:00
db:JVNDBid:JVNDB-2012-003469date:2012-08-08T00:00:00
db:CNNVDid:CNNVD-201208-037date:2012-08-07T00:00:00
db:NVDid:CVE-2012-1346date:2012-08-06T18:55:00.883