CiscoCISCO-SA-20151202-SIPCisco SIP Phone 3905 Resource Limitation Denial of Service Vulnerability
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
56.0%
A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to a resource limitation of the device. An attacker could exploit this vulnerability by sending large amounts of traffic to the affected device. An exploit could cause the device to stop functioning properly, resulting in a DOS condition.
Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151202-sip[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151202-sip”]
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco unified sip phone 3900 series firmware | eq | any | |
| cisco unified sip phone | eq | 3900 Series Firmware |
Related
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
56.0%