The vulnerability of the Cisco Unified Communications Manager software allows a malicious actor to execute arbitrary code.
The vulnerability exists in the function dtls1reassemblefragment in d1both.c in OpenSSL, due to an improper check of the length of fragments in DTLS ClientHello messages. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure buffer overflow an...