CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
80.0%
A vulnerability in Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to cause high CPU utilization, which may affect the performance of the system and make some services unavailable.
The vulnerability is due to insufficient implementation of flooding attack controls. An attacker could exploit this vulnerability by sending malformed TCP and UDP packets at a high rate.
Cisco has confirmed the vulnerability, but updated software is not available.
To exploit the vulnerability, the attacker may need access to trusted or internal networks to transmit crafted data packets to the targeted system. This access requirement could limit the likelihood of a successful exploit.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unified_communications_domain_manager_platform | any | cpe:2.3:a:cisco:unified_communications_domain_manager_platform:any:*:*:*:*:*:*:* |