Skip to main content

Unified Communications Domain Manager CVE-2013-1230

MEDIUM
Buffer Overflow (CWE-119)
2013-05-01 psirt@cisco.com
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
May 01, 2013 - 12:00 cve.org
MEDIUM 5.0

DescriptionCVE.org

Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057.

AnalysisAI

Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057. Affected products include: Cisco Unified Communications Domain Manager.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2014-3300 HIGH POC
7.5 Jul 07

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application

CVE-2014-2198 CRITICAL
10.0 Jul 07

Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH priv

CVE-2018-0124 CRITICAL
9.8 Feb 22

A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass

CVE-2014-2197 CRITICAL
9.0 Jul 07

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Applicat

CVE-2018-0364 HIGH
8.8 Jun 21

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unau

CVE-2014-3337 MEDIUM
6.8 Aug 12

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated user

CVE-2013-3418 MEDIUM
6.8 Jul 11

Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows re

CVE-2015-0588 MEDIUM
6.8 Jan 15

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote a

CVE-2015-0682 MEDIUM
6.5 Apr 03

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiti

CVE-2014-8010 MEDIUM
6.5 Dec 10

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute

CVE-2014-3339 MEDIUM
6.5 Aug 12

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM)

CVE-2015-0684 MEDIUM
6.5 Apr 03

SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.1(4) allo

Share

CVE-2013-1230 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy