Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-CUCM-APIDOS-PGSDCDNF_UC.NASLHistoryOct 05, 2023 - 12:00 a.m.
Cisco Unity Connection DoS (cisco-sa-cucm-apidos-PGsDcdNF)
2023-10-0500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
cisco
unity connection
dos
vulnerability
remote attacker
http request
api
cpu utilization
management
cisco bids
security advisory
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.3%
According to its self-reported version, Cisco Unity Connection running on the remote host is affected by a denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API request, an unauthenticated, remote attacker can send a specially crafted HTTP request to a specific API causing a DoS condition due to high CPU utilization. A successful attack can negatively impact user traffic and management.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(182613);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/18");
script_cve_id("CVE-2023-20259");
script_xref(name:"CISCO-BUG-ID", value:"CSCwf62081");
script_xref(name:"CISCO-SA", value:"cisco-sa-cucm-apidos-PGsDcdNF");
script_xref(name:"IAVA", value:"2023-A-0527");
script_name(english:"Cisco Unity Connection DoS (cisco-sa-cucm-apidos-PGsDcdNF)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Unity Connection running on the remote host is affected by a
denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API
request, an unauthenticated, remote attacker can send a specially crafted HTTP request to a specific API causing a
DoS condition due to high CPU utilization. A successful attack can negatively impact user traffic and management.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-apidos-PGsDcdNF
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?19b66d72");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf62081");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwf62081");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-20259");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/04");
script_set_attribute(attribute:"patch_publication_date", value:"2023/10/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unity_connection");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_uc_version.nasl");
script_require_keys("installed_sw/Cisco VOSS Unity");
exit(0);
}
include('vcf.inc');
var app_info = vcf::get_app_info(app:'Cisco VOSS Unity');
var version_active = get_kb_item('Host/Cisco/show_version_active');
if ('CSCwf62081' >< version_active)
audit(AUDIT_HOST_NOT, 'affected due to an installed security patch');
var constraints = [
# https://software.cisco.com/download/home/286328409/type/286319533/release/14SU3
# Per the bugID, only 14SU3 is affected - 14SU3a is not listed.
{ 'equal': '14.0.1.13900.70', 'fixed_display': 'Patch ciscocm.cuc.V14SU3_CSCwf62081.k4.cop, bug ID: CSCwf62081' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unity_connection | cpe:/a:cisco:unity_connection |
Related
cve
cve
CVE-2023-20259
2023-10-04 17:15:09
nessus
nessus
Cisco Unified Communications Manager IM & Presence DoS (cisco-sa-cucm-apidos-PGsDcdNF)
2023-10-05 00:00:00
Cisco Emergency Responder DoS (cisco-sa-cucm-apidos-PGsDcdNF)
2023-10-05 00:00:00
Cisco Unified Communications Manager DoS (cisco-sa-cucm-apidos-PGsDcdNF)
2023-10-05 00:00:00
cvelist
cvelist
CVE-2023-20259
2023-10-04 16:13:30
prion
prion
Input validation
2023-10-04 17:15:00
cisco
cisco
nvd
nvd
CVE-2023-20259
2023-10-04 17:15:09
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.3%
Related for CISCO-SA-CUCM-APIDOS-PGSDCDNF_UC.NASL