Cisco-SA-20140110-CVE-2014-0658

Cisco 9900 Series IP Phone Crafted Header Unregister Vulnerability

Cisco-SA-20140110-CVE-2014-0658 · Medium · Published 12 years ago · Updated 12 years ago

A vulnerability in Session Initiation Protocol (SIP) header processing of Cisco fourth-generation IP phones could allow an unauthenticated, remote attacker to cause the IP phone to unregister. The vulnerability is due to improper SIP header processing. An attacker could exploit this vulnerability by sending a crafted SIP header to the affected phone. An exploit could allow the attacker to force the IP phone to unregister. Cisco has confirmed the vulnerability in a security notice and released software updates. To exploit this vulnerability, it is likely that an attacker would need access to trusted, internal networks to send a crafted SIP header to a targeted phone. This access requirement may reduce the likelihood of a successful attack.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to allow only trusted users to have network access.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators are advised to monitor affected systems.

CVEs	CVE-2014-0658
Cisco Bug IDs	CSCul24898
CVSS Score	Base 5.4 Base 5.4 AV:N/AC:H/Au:N/C:N/I:N/A:C/E:H/RL:OF/RC:C

Public Affected Products

Product	CVE	Evidence
Cisco Unified IP Phones 9900 Series Firmware	CVE-2014-0658	Cisco CSAF · structured affected

Vulnslist

Cisco product, release, and evidence lookup

Cisco 9900 Series IP Phone Crafted Header Unregister Vulnerability

Workarounds

Public Affected Products