CVE-2018-0332
First published: Thu Jun 07 2018(Updated: )
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified IP Phone firmware | =9.9\(9.99002.1\) | |
| Cisco Unified IP Phone 9951 Firmware | ||
| Cisco Unified IP Phone 9971 Firmware | ||
| Cisco Unified IP Phone 7906G Firmware | ||
| Cisco Unified IP Phone firmware 7911G | ||
| Cisco Unified IP Phone 7912G | ||
| Cisco Unified IP Phone 7931G Firmware | ||
| Cisco Unified IP Phone 7940G | ||
| Cisco Unified IP Phone 7941G Firmware | ||
| Cisco Unified IP Phone 7942G Firmware | ||
| Cisco Unified IP Phone 7945G Firmware | ||
| Cisco Unified IP Phone 7960G Firmware | ||
| Cisco Unified IP Phone 7961G Firmware | ||
| Cisco Unified IP Phone 7962G Firmware | ||
| Cisco Unified IP Phone 7965G Firmware | ||
| Cisco Unified IP Phone 7975G Firmware | ||
| Cisco IP Phone Firmware | =9.4\(2\)sr3.1 | |
| Cisco IP Phone 7811 firmware | ||
| Cisco IP Phone 7821 firmware | ||
| Cisco IP Phone 7841 firmware | ||
| Cisco IP Phone 7861 firmware | ||
| Cisco IP Phone 8811 firmware | ||
| Cisco IP Phone 8841 firmware | ||
| Cisco IP Phone 8845 firmware | ||
| Cisco IP Phone 8851 firmware | ||
| Cisco IP Phone 8861 Firmware 3PCC | ||
| cisco ip phone 8865 | ||
| Cisco IP Phone Firmware | =9.4\(2\)sr4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-0332?
CVE-2018-0332 is a vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software.
How does CVE-2018-0332 affect Cisco Unified IP Phone firmware version 9.9 (9.99002.1)?
CVE-2018-0332 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition if they target a Cisco Unified IP Phone firmware version 9.9 (9.99002.1).
What is the severity of CVE-2018-0332?
CVE-2018-0332 has a severity value of 7.5 (high).
How can I fix the vulnerability in Cisco Unified IP Phone firmware version 9.9 (9.99002.1) caused by CVE-2018-0332?
There is currently no known fix for the vulnerability in Cisco Unified IP Phone firmware version 9.9 (9.99002.1) caused by CVE-2018-0332. It is recommended to monitor the Cisco Security Advisory for any updates or patches.
Where can I find more information about CVE-2018-0332?
You can find more information about CVE-2018-0332 on the following websites: [SecurityFocus](http://www.securityfocus.com/bid/104445), [SecurityTracker](http://www.securitytracker.com/id/1041074), [Cisco Security Advisory](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos)
- agent/type
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/cisco
- canonical/cisco unified ip phone firmware
- version/cisco unified ip phone firmware/9.9\(9.99002.1\)
- canonical/cisco unified ip phone 9951 firmware
- canonical/cisco unified ip phone 9971 firmware
- canonical/cisco unified ip phone 7906g firmware
- canonical/cisco unified ip phone firmware 7911g
- canonical/cisco unified ip phone 7912g
- canonical/cisco unified ip phone 7931g firmware
- canonical/cisco unified ip phone 7940g
- canonical/cisco unified ip phone 7941g firmware
- canonical/cisco unified ip phone 7942g firmware
- canonical/cisco unified ip phone 7945g firmware
- canonical/cisco unified ip phone 7960g firmware
- canonical/cisco unified ip phone 7961g firmware
- canonical/cisco unified ip phone 7962g firmware
- canonical/cisco unified ip phone 7965g firmware
- canonical/cisco unified ip phone 7975g firmware
- canonical/cisco ip phone firmware
- version/cisco ip phone firmware/9.4\(2\)sr3.1
- canonical/cisco ip phone 7811 firmware
- canonical/cisco ip phone 7821 firmware
- canonical/cisco ip phone 7841 firmware
- canonical/cisco ip phone 7861 firmware
- canonical/cisco ip phone 8811 firmware
- canonical/cisco ip phone 8841 firmware
- canonical/cisco ip phone 8845 firmware
- canonical/cisco ip phone 8851 firmware
- canonical/cisco ip phone 8861 firmware 3pcc
- canonical/cisco ip phone 8865
- version/cisco ip phone firmware/9.4\(2\)sr4