CVE-2018-0332
Summary
| CVE | CVE-2018-0332 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-07 21:29:00 UTC |
| Updated | 2019-10-09 23:31:00 UTC |
| Description | A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Ip Phone 7811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7821 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7821 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 7861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8811 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8841 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8845 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8845 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8851 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8861 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8865 | - | All | All | All |
| Hardware | Cisco | Ip Phone 8865 | - | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4(2)sr3.1 | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4(2)sr4 | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4\(2\)sr3.1 | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4\(2\)sr4 | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4\(2\)sr3.1 | All | All | All |
| Operating System | Cisco | Ip Phone Firmware | 9.4\(2\)sr4 | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7906g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7906g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7911g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7911g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7912g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7912g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7931g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7931g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7940g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7940g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7941g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7941g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7942g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7942g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7945g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7945g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7960g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7960g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7961g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7961g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7962g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7962g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7965g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7965g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7975g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 7975g | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 9951 | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 9951 | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 9971 | - | All | All | All |
| Hardware | Cisco | Unified Ip Phone 9971 | - | All | All | All |
| Operating System | Cisco | Unified Ip Phone Firmware | 9.9(9.99002.1) | All | All | All |
| Operating System | Cisco | Unified Ip Phone Firmware | 9.9\(9.99002.1\) | All | All | All |
| Operating System | Cisco | Unified Ip Phone Firmware | 9.9\(9.99002.1\) | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Malformed Request | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco Unified IP Phone Software Denial of Service Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| Cisco Unified IP Phone SIP Packet Processing Flaw Lets Remote Users Deny Service - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.