VDB

CISCO-SA-BW-SIP-DOS-MSYSBRMT

CISCO-SA-BW-SIP-DOS-MSYSBRMT PUBLISHED CVSS 7.5 HIGH

A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. A successful exploit could allow the attacker to exhaust the memory that was allocated to the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, resulting in a DoS condition that requires manual intervention to recover. For more information about this vulnerability, see the Details ["#details"] section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Cisco BroadWorks

Exploit Intelligence

…and 5 more exploits

Timeline

  • Jan 22, 2025 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›