CVE-2018-0332
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
Una vulnerabilidad en el procesamiento de paquetes entrantes SIP (Session Initiation Protocol) del software Cisco Unified IP Phone podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe a la falta de mecanismos de control de flujo en el software. Un atacante podría explotar esta vulnerabilidad mediante el envío de grandes volúmenes de tráfico SIP INVITE al dispositivo objetivo. Su explotación con éxito podría permitir que un atacante provoque una interrupción de los servicios en el teléfono IP objetivo. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-11-27 CVE Reserved
- 2018-06-07 CVE Published
- 2023-12-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/104445 | Third Party Advisory | |
| http://www.securitytracker.com/id/1041074 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 9951 Search vendor "Cisco" for product "Unified Ip Phone 9951" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 9971 Search vendor "Cisco" for product "Unified Ip Phone 9971" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7906g Search vendor "Cisco" for product "Unified Ip Phone 7906g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7911g Search vendor "Cisco" for product "Unified Ip Phone 7911g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7912g Search vendor "Cisco" for product "Unified Ip Phone 7912g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7931g Search vendor "Cisco" for product "Unified Ip Phone 7931g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7940g Search vendor "Cisco" for product "Unified Ip Phone 7940g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7941g Search vendor "Cisco" for product "Unified Ip Phone 7941g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7942g Search vendor "Cisco" for product "Unified Ip Phone 7942g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7945g Search vendor "Cisco" for product "Unified Ip Phone 7945g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7960g Search vendor "Cisco" for product "Unified Ip Phone 7960g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7961g Search vendor "Cisco" for product "Unified Ip Phone 7961g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7962g Search vendor "Cisco" for product "Unified Ip Phone 7962g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7965g Search vendor "Cisco" for product "Unified Ip Phone 7965g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Unified Ip Phone Firmware Search vendor "Cisco" for product "Unified Ip Phone Firmware" | 9.9\(9.99002.1\) Search vendor "Cisco" for product "Unified Ip Phone Firmware" and version "9.9\(9.99002.1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unified Ip Phone 7975g Search vendor "Cisco" for product "Unified Ip Phone 7975g" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 7811 Search vendor "Cisco" for product "Ip Phone 7811" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 7821 Search vendor "Cisco" for product "Ip Phone 7821" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 7841 Search vendor "Cisco" for product "Ip Phone 7841" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 7861 Search vendor "Cisco" for product "Ip Phone 7861" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8811 Search vendor "Cisco" for product "Ip Phone 8811" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8841 Search vendor "Cisco" for product "Ip Phone 8841" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8845 Search vendor "Cisco" for product "Ip Phone 8845" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8851 Search vendor "Cisco" for product "Ip Phone 8851" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8861 Search vendor "Cisco" for product "Ip Phone 8861" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr3.1 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8865 Search vendor "Cisco" for product "Ip Phone 8865" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8811 Search vendor "Cisco" for product "Ip Phone 8811" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8841 Search vendor "Cisco" for product "Ip Phone 8841" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8845 Search vendor "Cisco" for product "Ip Phone 8845" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8851 Search vendor "Cisco" for product "Ip Phone 8851" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8861 Search vendor "Cisco" for product "Ip Phone 8861" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ip Phone Firmware Search vendor "Cisco" for product "Ip Phone Firmware" | 9.4\(2\)sr4 Search vendor "Cisco" for product "Ip Phone Firmware" and version "9.4\(2\)sr4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ip Phone 8865 Search vendor "Cisco" for product "Ip Phone 8865" | - | - |
Safe
|