What is the severity of CVE-2013-3461?

CVE-2013-3461 has a moderate severity level as it can lead to denial of service through excessive SIP packet flooding.

How do I fix CVE-2013-3461?

To fix CVE-2013-3461, ensure you update your Cisco Unified Communications Manager to the appropriate patched version.

What versions are affected by CVE-2013-3461?

CVE-2013-3461 affects Cisco Unified Communications Manager versions 8.5, 8.6, and certain 9.x versions prior to the recommended updates.

What vulnerabilities does CVE-2013-3461 exploit?

CVE-2013-3461 exploits improper SIP packet rate limiting, allowing attackers to flood the target with UDP packets.

What are the potential impacts of CVE-2013-3461?

The potential impacts of CVE-2013-3461 include memory and CPU consumption, leading to service disruption on the affected system.

Vulnerability/
CVE-2013-3461

high

7.1

CWE

399

25/8/2013

7/11/2016

CVE-2013-3461

First published: Sun Aug 25 2013(Updated: )

Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Unified Communications Manager	=9.0\(1\)
Cisco Unified Communications Manager	=8.5
Cisco Unified Communications Manager	=8.5\(1\)
Cisco Unified Communications Manager	=8.5\(1\)su1
Cisco Unified Communications Manager	=8.5\(1\)su2
Cisco Unified Communications Manager	=8.5\(1\)su3
Cisco Unified Communications Manager	=8.5\(1\)su4
Cisco Unified Communications Manager	=8.5\(1\)su5
Cisco Unified Communications Manager	=8.6
Cisco Unified Communications Manager	=8.6\(1\)
Cisco Unified Communications Manager	=8.6\(1a\)
Cisco Unified Communications Manager	=8.6\(2\)
Cisco Unified Communications Manager	=8.6\(2a\)
Cisco Unified Communications Manager	=8.6\(2a\)su1
Cisco Unified Communications Manager	=8.6\(2a\)su2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3461?
CVE-2013-3461 has a moderate severity level as it can lead to denial of service through excessive SIP packet flooding.
How do I fix CVE-2013-3461?
To fix CVE-2013-3461, ensure you update your Cisco Unified Communications Manager to the appropriate patched version.
What versions are affected by CVE-2013-3461?
CVE-2013-3461 affects Cisco Unified Communications Manager versions 8.5, 8.6, and certain 9.x versions prior to the recommended updates.
What vulnerabilities does CVE-2013-3461 exploit?
CVE-2013-3461 exploits improper SIP packet rate limiting, allowing attackers to flood the target with UDP packets.
What are the potential impacts of CVE-2013-3461?
The potential impacts of CVE-2013-3461 include memory and CPU consumption, leading to service disruption on the affected system.

agent/severity
agent/weakness
agent/references
agent/author
agent/event
agent/description
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco unified communications manager
version/cisco unified communications manager/9.0\(1\)
version/cisco unified communications manager/8.5
version/cisco unified communications manager/8.5\(1\)
version/cisco unified communications manager/8.5\(1\)su1
version/cisco unified communications manager/8.5\(1\)su2
version/cisco unified communications manager/8.5\(1\)su3
version/cisco unified communications manager/8.5\(1\)su4
version/cisco unified communications manager/8.5\(1\)su5
version/cisco unified communications manager/8.6
version/cisco unified communications manager/8.6\(1\)
version/cisco unified communications manager/8.6\(1a\)
version/cisco unified communications manager/8.6\(2\)
version/cisco unified communications manager/8.6\(2a\)
version/cisco unified communications manager/8.6\(2a\)su1
version/cisco unified communications manager/8.6\(2a\)su2

Frequently Asked Questions

What is the severity of CVE-2013-3461?
CVE-2013-3461 has a moderate severity level as it can lead to denial of service through excessive SIP packet flooding.
How do I fix CVE-2013-3461?
To fix CVE-2013-3461, ensure you update your Cisco Unified Communications Manager to the appropriate patched version.
What versions are affected by CVE-2013-3461?
CVE-2013-3461 affects Cisco Unified Communications Manager versions 8.5, 8.6, and certain 9.x versions prior to the recommended updates.
What vulnerabilities does CVE-2013-3461 exploit?
CVE-2013-3461 exploits improper SIP packet rate limiting, allowing attackers to flood the target with UDP packets.
What are the potential impacts of CVE-2013-3461?
The potential impacts of CVE-2013-3461 include memory and CPU consumption, leading to service disruption on the affected system.

CVE-2013-3461

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3461?

How do I fix CVE-2013-3461?

What versions are affected by CVE-2013-3461?

What vulnerabilities does CVE-2013-3461 exploit?

What are the potential impacts of CVE-2013-3461?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-3461?

How do I fix CVE-2013-3461?

What versions are affected by CVE-2013-3461?

What vulnerabilities does CVE-2013-3461 exploit?

What are the potential impacts of CVE-2013-3461?