Cisco 9900 Series IP Phone Crafted Header Unregister Vulnerability

2014-01-1021:18:06

tools.cisco.com

CVSS2

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

EPSS

0.012

Percentile

85.0%

JSON

A vulnerability in Session Initiation Protocol (SIP) header processing of Cisco fourth-generation IP phones could allow an unauthenticated, remote attacker to cause the IP phone to unregister.

The vulnerability is due to improper SIP header processing. An attacker could exploit this vulnerability by sending a crafted SIP header to the affected phone. An exploit could allow the attacker to force the IP phone to unregister.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, it is likely that an attacker would need access to trusted, internal networks to send a crafted SIP header to a targeted phone. This access requirement may reduce the likelihood of a successful attack.

Affected configurations

Vulners

Node

ciscounified_ip_phones_9900_series_firmwareMatchany

ciscounified_ip_phones_9951_firmwareMatch9900_series_firmware

VendorProductVersionCPE
ciscounified_ip_phones_9900_series_firmwareanycpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:any:*:*:*:*:*:*:*
ciscounified_ip_phones_9951_firmware9900_series_firmwarecpe:2.3:o:cisco:unified_ip_phones_9951_firmware:9900_series_firmware:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_ip_phones_9900_series_firmware	any	cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:any:::::::*
cisco	unified_ip_phones_9951_firmware	9900_series_firmware	cpe:2.3:o:cisco:unified_ip_phones_9951_firmware:9900_series_firmware:::::::*