Cisco Unified Presence Memory Exhaustion Vulnerability

ID CISCO-SA-20130510-CVE-2013-1242
Type cisco
Reporter Cisco
Modified 2013-05-10T18:52:14


A vulnerability in the web framework of Cisco Unified Presence could allow an unauthenticated, remote attacker to cause an increase in memory utilization.

The vulnerability is due to improper handling of memory allocation when the affected system is flooded with malformed TCP packets. An attacker could exploit this vulnerability by sending malformed TCP packets to the affected system. An exploit could allow the attacker to cause an increase in memory utilization. Memory utilization does not return to a normal state when the attack is terminated. A reboot is of the system is required to restore free memory.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit the vulnerability, an attacker would likely need access to an internal, trusted network to send malformed TCP packets to the targeted system, decreasing the likelihood of a successful exploit.

Customers are advised to review the bug report in the "Vendor Announcements" section for a current list of affected versions.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.