CVE-2013-1134
First published: Wed Feb 27 2013(Updated: )
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Communications Manager | =9.0\(1\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-1134?
CVE-2013-1134 is considered a high-severity vulnerability due to its potential for cache-poisoning attacks.
How do I fix CVE-2013-1134?
To fix CVE-2013-1134, upgrade your Cisco Unified Communications Manager to version 9.1(1) or later.
What are the potential impacts of CVE-2013-1134?
CVE-2013-1134 can allow remote attackers to conduct cache-poisoning attacks, compromising the integrity of transaction records.
Which versions of Cisco Unified Communications Manager are affected by CVE-2013-1134?
The versions affected by CVE-2013-1134 include Cisco Unified Communications Manager 9.0(1) before 9.1(1).
Is authentication required for the LBM Hub node in CVE-2013-1134?
No, CVE-2013-1134 indicates that authentication from the remote LBM Hub node is not required, which leads to security risks.
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/author
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified communications manager
- version/cisco unified communications manager/9.0\(1\)