Cisco Unified Border Element Denial of Service Vulnerability

2015-10-26T10:00:00
ID CISCO-SA-20151026-CUBE
Type cisco
Reporter Cisco
Modified 2015-10-26T16:28:16

Description

A vulnerability in the Session Initiation Protocol (SIP) functionality of Cisco Unified Border Element (CUBE) could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition.

The vulnerability is due to incorrect processing of SIP messages. An attacker could exploit this vulnerability by sending unsupported SIP messages to a CUBE.

Cisco has released software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151026-cube["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151026-cube"]