Cisco Unified Presence Server Sync Agent Vulnerability

A vulnerability in the Intercluster Sync Agent Service on Cisco Unified Presence Server could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition.

The vulnerability is due to a SYN flood. An attacker could exploit this vulnerability by exceeding the tcp max connections parameter.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, an attacker must be in a position to send large amounts of SYN packets to the targeted device. In a typical enterprise network, the targeted device may reside on trusted, internal networks behind a firewall, which may reduce the possibility of an external attack.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.