Multiple Cisco Products Common Services ActiveMQ Denial of Service Vulnerability

A vulnerability in the integration of the ActiveMQ component used in products based on Common Services could allow an unauthenticated, remote attacker to consume available memory and cause a denial of service (DoS) condition.

The vulnerability is due to improper handling of multiple TCP requests targeting some services. An attacker could exploit this vulnerability by opening several concurrent TCP sessions. A full TCP three-way handshake is needed to exploit this vulnerability. An exploit could allow the attacker to consume available memory, causing some processes to hang or crash.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, it is likely that an attacker would need access to trusted, internal networks in which the targeted device may reside in order to send multiple TCP request to such device. This access requirement limits the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.