Vulnslist


Cisco Unified Presence Server Sync Agent Vulnerability

Cisco-SA-20140728-CVE-2014-3328 · Medium · Published · Updated

A vulnerability in the Intercluster Sync Agent Service on Cisco Unified Presence Server could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. The vulnerability is due to a SYN flood. An attacker could exploit this vulnerability by exceeding the tcp max connections parameter. Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, an attacker must be in a position to send large numbers of SYN packets to the targeted device. In a typical enterprise network, the targeted device may reside on trusted, internal networks behind a firewall, which may reduce the possibility of an external attack. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Workarounds

Administrators are advised to contact the vendor regarding future updates and releases.

Administrators are advised to allow only trusted users to have network access.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators are advised to monitor affected systems.

CVEs: CVE-2014-3328
Cisco Bug IDs: CSCun34125
CVSS Score: Base 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C
Product Names From Source: Cisco Unified Presence Server

Related Products

Product | CVE | Evidence
Cisco Unified Presence Server | CVE-2014-3328 | Cisco OpenVuln